Google has removed 85 apps from the Google Play store after security researchers at Trend Micro found a particularly annoying adware scheme hiding inside.The adware, called AndroidOS_Hidenad.HRXH, was embedded in fully functioning photography and gaming apps that were installed over 8 million times. The apps exploited common Android functions to detect when the user unlocked their phone, triggering ads that were typically five minutes in length and were difficult to skip. They would also replace their icons on the home screen with a shortcut so that even if the user dragged what they thought was the app into the trash, the app would remain functioning on the phone.
Given the prevalence of adware on the Google Play store, it’s important to check the reviews of unfamiliar apps; these apps in particular racked up several one-star scores, with users pointing out the problems they’ve encountered. That said, we’ve even seen cases of adware being pre-installed on Android phones, though that’s generally on phones not certified by Google.
Trend Micro points out that this adware should ideally only affect phones running older versions of Android. “Android 8.0 and later versions…have a function that asks for user confirmation before an application is allowed to create a shortcut,” which would have alerted users to the app’s otherwise hidden activity.
Google frequently states that the company takes measures to prevent adware and malware from making it onto their digital storefront, yet new reports on dozens of nefarious apps surface on a regular basis. This most recent event likely won’t be the one that pushes Google toward a more secure Play store, but after so many incidents, it’s hard to imagine that push won’t eventually come to shove.