informa
/
Commentary

Android Adware Raises Google Play Security Concerns

Three apps, downloaded to tens of millions of Android devices from the Google Play store, foisted ads for apps on unsuspecting users.
8 Wacky Cyberattacks Worse Than Sony Hack
8 Wacky Cyberattacks Worse Than Sony Hack
(Click image for larger view and slideshow.)

Google has suspended three applications from the Play Store after being alerted to the presence of malicious adware. A security firm revealed the infected apps to Google and believes they've been installed on many millions of phones and tablets.

The development raises a number of questions about how Google operates the Play Store and whether or not its reactive approach is the right one.

One of the apps, a solitaire game called Durak, targeted English speakers, according to Avast, the security firm that discovered the adware. The other two applications -- an IQ test and a history app -- targeted Russian speakers. Durak hit the Play Store in December and has been downloaded between 5 and 10 million times.

Whoever created the apps used a clever ploy. The creator remained dormant for a period of up to 30 days in a clear attempt to hide.

"After 30 days, I guess not many people would know which app is causing abnormal behavior on their phone, right?" noted Avast's Filip Chytry in a blog post. All three apps behaved normally after they were installed. Perhaps a week or two later, some users reported some strange behavior from their device after a reboot.

At the 30-day mark, however, things got ugly.

"Each time you unlock your device an ad is presented to you, warning you about a problem, e.g. that your device is infected, out of date or full of porn. This, of course, is a complete lie," explained Chytry. "You are then asked to take action; however, if you approve you get re-directed to harmful threats on fake pages, like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value."

Basically, the adware used system-level notifications to generate advertisements for other apps and services. This is strictly verboten behavior. Google was quick to respond to Avast's alert, suspend the apps, and assure people that they shouldn't worry. Hopefully Google plans to do a lot more, because there's plenty to worry about here:

  • How did the apps get past Google's scans? They shouldn't have.
  • What are infected users supposed to do if their handsets can't be cleaned up?
  • What is Google going to do to prevent this from happening again?
  • Will there be any repercussions for the creator of this malicious adware?

[Where are the Android 5.0 Lollipop updates? Check out how the smartphone market is responding.]

Android users have to trust that the apps they download from the Play Store are safe and won't cause them or their devices harm. Google has always warned that downloading apps from sources other than the Play Store is risky. If downloading apps from the Play Store becomes risky, too, then Google will have a significant problem on its hands.

Attend Interop Las Vegas, the leading independent technology conference and expo series designed to inspire, inform, and connect the world's IT community. In 2015, look for all new programs, networking opportunities, and classes that will help you set your organization’s IT action plan. It happens April 27 to May 1. Register with Discount Code MPOIWK for $200 off Total Access & Conference Passes.