Security researchers at global cybersecurity major Sophos said on 9th October 2019 “At least 15 apps on Google Play Store were found to be engaging in generating frequent, large, and intrusive ads and hiding their app icons in the launcher to make it difficult for users to find and remove them. Several of them went a step further by disguising themselves in the phone’s app settings page”.
Threat researcher Pankaj Kohli in a Sophos blog post said “SophosLabs recently discovered 15 apps on Google’s Play Market that engage in such practices; They generate frequent, large, intrusive ads and hide their app icons in the launcher to make it difficult for you to find and remove them. Several of them go a step further by disguising themselves in the phone’s App settings page”.
According to the Google Play Store‘s pages for these apps, more than 1.3 million devices across the world have installed at least one of them.
Andrew Brandt, Principal Researcher, SophosLabs, said in a statement “When first launched, the app displays a message that says ‘This app is incompatible with your device!’ You might think that the app has crashed, because, after this ‘crash,’ the app opens the Play Store and navigates to the page for Google Maps, to mislead you into thinking that the ubiquitous Maps app is the cause of the problem. It is not. This is a ruse”.
These apps then hide their icon so they do not show up in the launcher’s app tray.
Out of 15 adware apps, Nine of them used deceptive application icons and names. From these apps, most of them were chosen because they resemble the innocuous system app.