After detecting malicious activity, Google Play Store has removed 16 applications from its store with over 20 million installs.
Security company McAfee said the app was found to be able to download malware from third parties without user consent. It was discovered that the app performed ad fraud by sending out fake notifications to users’ phones, instructing them to click on certain links. These links would lead to websites where the user would see an advertisement for something they were not interested in.
The post includes screenshots showing a small sample of the extra network traffic caused by the fraudulent activity.
Malicious applications often come bundled with a code base known as “com.liveposting” or “com.click.cas”, which act as agents for advertising networks and click fraud operations. These applications wait approximately one full day after install before using these code bases.
Fraudulent clicks occur when a third party receives a share of the advertising revenues generated by fraudulent traffic. Instead of genuine referrals from actual visitors, these clicks are simulated using bots.
- Is your password exposed in a data breach? Here’s what you should do
- How to enable Emergency SOS alerts on Android and iOS
A Google spokesperson confirmed that all of the applications were removed from the Play Store after being flagged by McAfee. He added that users are also safe because of Google Play Protect, which stops malicious applications from being installed. However, he did not explain how the applications managed to rack up 20 million installs if Play Protect worked correctly.
Here’s the list of malicious apps and their number of downloads. In case you have any of them, make sure to uninstall them immediately.