Google keeps removing apps from Play Store that don’t meet the guidelines. According to a report, the tech giant has now removed 29 more apps consisting of adware. These adware filled apps were detected by White Ops’ Satori threat intelligence team as a part of their “CHARTREUSEBLUR” investigation. Most of the malicious apps detected were photo editing apps, which reportedly provided users with a free blur feature.
All the editing apps were found running out-of-context (OOC) ads due to which they were able to avoid detection. The apps made it difficult for users to remove them and this was because once they were installed the app icons would disappear from the phone, which basically means that users were not able to find the app. However, these apps were installed and could be removed directly from the Apps page located inside the Settings menu.
White Ops’ Satori team revealed that one of the apps called Square Photo Blur was a “hollow shell of an app” and did not function as an ad. Once the app was installed, the launch icon would disappear and there was no open button on the Play Store too. Apart from the ads, the Square Photo Blur app even opened an OOC web browser randomly.
The app would then show ads throughout the system UI. Ads that were popping up from any of these apps, took only a few seconds before providing another ad. The team states that any action performed on an infected smartphone triggered a code in the app for ads to pop-up.
These 29 apps include Auto Picture Cut, Color Call Flash, Square Photo Blur, Square Blur Photo, Magic Call Flash, Easy Blur, Image Blur, Auto Photo Blur, Photo Blur, Photo Blur Master, Super Call Screen, Square Blur, Square Blur Master, Smart Blur Photo, Smart Photo Blur, Super Call Flash, Smart Call Flash, Blur Photo Editor and Blur Image. Rest of the apps are variants of these with the same names. You can check out the full list by clicking here.
A lot of these apps had over 5,00,000 downloads on the Play Store while one had over 1,00,000 downloads. This means that these apps have infected a lot of phones globally, not at a scale of the Joker malware, but still not small.
Even though these 29 apps have been discovered and removed, there might be more apps like this that went undetected. Or there might be new apps in the future, with a bit of a code change to pass through Google’s radar.
For these, the Satori team advises that the users’ lookout for a few hints before downloading. These include looking at the reviews of the apps to check if people are claiming about unwanted pop-up ads or that the app disappears after downloading. You also need to check if the app has a lot of 5-star reviews but all the recent ones are mostly 1-star and claim that the app doesn’t work as advertised.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines