Android adware apps on Google Play amass two million installs

Several malicious Google Play Android apps installed over 2 million times push intrusive ads to users while concealing their presence on the infected devices.

In their latest monthly mobile threat report, Doctor Web's analysts identified trojans on Google Play associated with the 'FakeApp,' 'Joker,' and the 'HiddenAds' malware families.

Of particular interest are the following four adware (HiddenAds) apps disguised as games:

• Super Skibydi Killer – 1,000,000 downloads
• Agent Shooter – 500,000 downloads
• Rainbow Stretch – 50,000 downloads
• Rubber Punch 3D – 500,000 downloads



HiddenAds game app on Google Play (Dr. Web)



Dr. Web explains that once victims install these apps on their devices, they hide by replacing their icons with that of Google Chrome or using a transparent icon image to create empty space in the app drawer.

These apps run stealthily in the background upon launch, abusing the browser to launch ads and generate revenue for their operators.

The analysts also discovered several apps belonging to the FakeApp family, which direct users to investment scam sites.

In other cases, Dr. Web spotted game apps that loaded dubious online casino websites in violation of Google Play policies. 

Some notable examples of those are:

• Eternal Maze (Yana Pospyelova) – 50,000 downloads
• Jungle Jewels (Vaibhav Wable) – 10,000 downloads
• Stellar Secrets (Pepperstocks) – 10,000 downloads
• Fire Fruits (Sandr Sevill) – 10,000 downloads
• Cowboy's Frontier (Precipice Game Studios) – 10,000 downloads
• Enchanted Elixir (Acomadyi) – 10,000 downloads

Fake app taking users to casino sites (Dr. Web)