At least 15 apps on Google Play Store were found to be engaging in generating frequent, large, and intrusive ads and hiding their app icons in the launcher to make it difficult for users to find and remove them, security researchers at global cyber security major Sophos said on Wednesday. Several of them went a step further by disguising themselves in the phone’s app settings page.
“SophosLabs recently discovered 15 apps on Google’s Play Market that engage in such practices; They generate frequent, large, intrusive ads and literally hide their app icons in the launcher in order to make it difficult for you to find and remove them. Several of them go a step further by disguising themselves in the phone’s App settings page,” said threat researcher Pankaj Kohli in a Sophos blog post.
According to the Google Play Store’s pages for these apps, over 1.3 million devices worldwide have installed at least one of them.
“When first launched, the app displays a message that says ‘This app is incompatible with your device!’ You might think that the app has crashed, because, after this ‘crash,’ the app opens the Play Store and navigates to the page for Google Maps, to mislead you into thinking that the ubiquitous Maps app is the cause of the problem.
“It is not. This is a ruse,” Andrew Brandt, Principal Researcher, SophosLabs, said in a statement.
These apps then hide their own icon so they do not show up in the launcher’s app tray.
Nine out of the batch of 15 apps used deceptive application icons and names, most of which appeared to have been chosen because they might plausibly resemble an innocuous system app.