ESET®, a global pioneer in IT security for more than two decades, publishes information on fake apps that were available at the official Google app store.
Posing as popular game cheats, such as Cheats for Pou, Guide for SubWay and Cheats for SubWay, these fake apps were installed more than 200,000 times in a single month, according to ESET security researchers.
The app aggressively display adverts 30-40 minutes, disrupting normal use of users’ Android devices.
The fake apps, detected as Android/AdDisplay.Cheastom by ESET, deploy numerous techniques to evade detection by Google Bouncer - the technology Google uses to prevent malicious apps from entering the Google Play store.
In addition, the apps contain self-preservation code to make their removal more complicated.
“These aggressive ad-displaying apps attempt to hide their functionality from security researchers by deploying techniques, which succeeded in being downloaded over 200,000 times in a single month,” said Lukáš Štefanko, Malware Researcher at ESET. “The anti-Bouncer technique used by these apps obtains the IP address of a device and accesses its WHOIS record. If the information returned contains the string ‘Google’, then the app assumes it is running in Bouncer. Should the app detect an emulator or Google Bouncer environment, the ads are not displayed. Instead, the app will simply provide game cheats, as expected.”
ESET notified Google and these unwanted applications have now been removed from the Google store.
“Although it’s good that Google removed the apps from the Android Google Play store after we informed them of the issue, it is clear that more attempts will be made to bypass Bouncer and spread apps containing undesirable code,” continued Štefanko.
More information and advice for affected users available from ESET’s in-depth article on WeLiveSecurity.com.
About ESET
Since 1987, ESET® has been developing award-winning security software that now helps over 100 million users to Enjoy Safer Technology. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore and Buenos Aires. For more information visit www.eset.com or follow us on LinkedIn, Facebook and Twitter.