Google has removed 17 apps from the Play Store discovered as Riskware by security company Bitdefender. The apps with total downloads of over 550,000, dodged Google’s vetting system, thanks to malicious tactics. Some of these apps include ‘Car Racing 2019’, ‘Backgrounds 4K HD’, ‘Barcode Scanner’, ‘Period Tracker – Cycle Ovulation Women’s’ and more.
Though the apps have not been classified as malicious, they can potentially compromise security by showing an ad of, say an app that is affected by malware, which users might download. “While not malicious per se, the tactics they use to smuggle themselves into Google Play and dodge Google’s vetting system are traditionally associated with malware,” Bitdefender said in a post.
The apps were essentially found to drain the user’s phone’s battery by showing full-screen ads at random intervals. Some game apps even showed multiple full-screen ads in between gameplays, which prevented users to play the game. As per the post, the ads in the apps are shown at random intervals and within multiple activities thanks to modified adware SDKs, which makes it difficult to detect a pattern in which the ads appear.
Here’s the full list of apps that have been identified as Riskware by Bitdefender:
• Car Racing 2019
• 4K Wallpaper (Background 4K Full HD)
• Backgrounds 4K HD
• Barcode Scanner
• Clock LED
• Explorer File Manager
• File Manager Pro – Manager SD Card/Explorer
• Mobnet.io: Big Fish Frenzy
• Period Tracker – Cycle Ovulation Women’s
• QR & Barcode Scan Reader
• QR Code – Scan & Read a Barcode
• QR Code Reader & Barcode Scanner Pro
• Screen Stream Mirroring
• Today Weather Radar
• Transfer Data Smart
• VMOWO City : Speed Racing 3D
• Wallpapers 4K, Backgrounds HD
Further according to the post, requests sent to ad web sites by some versions of the apps also contained sensitive information of users like phone model, IMEI, IP address, MAC address, and location information.
Earlier this year, Google removed 24 apps infected with the ‘Joker‘ malware from its Play Store with a total of over 5,00,000 downloads. The ‘Joker’ malware is said to be a harmful “large-scale billing fraud family“, which tried a lot to get past the company’s security walls and charge users unethically.