Scareware (Photo : Facebook)
Google may have been successful at preventing data-stealing Trojan apps from invading Google Play, but attackers were still able to find ways to use the online store to monetize rogue applications, CIO reported.
In a report released by Avast Software, three Google Play apps were found to have hidden adware functionality designed to set off days after installing the apps. The rogue apps included a history app, an IQ test and a game dubbed Durak, which were downloaded millions of times by unsuspecting users.
Filip Chytry, an Avast researcher, stated that Durak acts and appears similar to a normal gaming application when first installed. He said that the app stays that way until the user reboots his device. After a couple of days, the device might start malfunctioning.
One specific example is everytime the phone is unlocked, the app shows persistent ads claiming the phone and all information it contains are at risk. When the user acts, they run into problems like getting redirected to questionable apps and app stores.
The scheme works similarly to scareware scams that have pestered computer users for years by alerting them into installing system optimization tools or rogue antivirus programs using false warnings.
Rogue developers found a way to beat Google by delaying the warning alerts for a few days since users will find it hard to determine which application is responsible for the messages.
Chytry commented that most people will believe that the problem can be solved with the apps' recommended solutions and follow the suggested steps. This may result in an investment in unwanted applications from questionable sources.
The three rogue apps, which have been identified by Avast, have been removed by Google.
