McAfee security researchers warn of thirteen adware apps that have appeared on Google Play. The apps masquerade as tools for cleaning up and optimizing the Android system, but they do nothing of the sort. They are used solely to display advertisements.
The researchers explain in a reportthat the fake apps are promoted via Facebook ads. Since the link leads to Google’s official app store, no alarm bells are ringing on Facebook and victims feel a false sense of security.
After installation, the apps should run right in the background and start showing ads. According to the researchers, victims do not even have to start the app. To do this, the malware hooks into the Android system component Contact Provider. This allows apps to exchange data between devices and online services. This is also accessed by newly installed apps, making it more difficult for victims to trace the origin of the ads.
Camouflaged on the go
The fake apps are also said to be permanently embedded in systems. To make uninstallation more difficult, the app name and icon should change constantly. One moment the malware masquerades as the official settings app and the other moment it looks like Google Play.
Meanwhile, Google is said to have removed the apps from the store. Most of the victims are in Japan and South Korea. The general rule on the Internet is not to click on links without thinking. Of course, when a link leads to an official source, it makes it harder for potential victims to spot the threat. In some cases, reading the app reviews helps to uncover fraud.
These apps are affected:
- Carpet Clean, og.crp.cln.zda, 100K+ downloads
- Cool Clean, syn.clean.cool.zbc, 500K+ downloads
- EasyCleaner, com.easy.clean.ipz, 100K+ downloads
- Fingertip Cleaner, com.fingertip.clean.cvb, 500K+ downloads
- Full Clean -Clean Cache, org.stemp.fll.clean, 1M+ downloads
- Junk Cleaner, cn.junk.clean.plp, 1M+ downloads
- Keep Clean, org.clean.sys.lunch, 1M+ downloads
- Meteor Clean, org.ssl.wind.clean, 100K+ downloads
- Power Doctor, com.power.doctor.mnb, 500K+ downloads
- Quick Cleaner, org.qck.cle.oyo, 1M+ downloads
- Strong Clean, in.memory.sys.clean, 500K+ downloads
- Super Clean, com.super.clean.zaz, 500K+ downloads
- Windy Clean, in.phone.clean.www, 500K+ downloads