Click to Skip Ad
Closing in...

56 Android apps with malware were downloaded 1 million times before being discovered

Published Mar 25th, 2020 10:12PM EDT
Android Apps
Image: Shutterstock

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

  • Android malware is arguably less prevalent than it was a few years ago, but it still remains a serious and all too common issue.
  • Recently, 56 Android apps with malware were discovered on Google Play. Together, these apps were downloaded more than one million times.
  • As Google slowly but surely looks to keep a closer eye on malicious apps, malware creators are becoming increasingly more sophisticated and creative when it comes to sneaking their apps onto the Play Store.
  • Visit BGR’s homepage for more stories.

Google’s Play Store may not be the Wild West of malware it once was, but it sure does seem like we can’t go even a week or two without hearing about some dangerous piece of malware that managed to sneak in underneath Google’s radar. While Google has taken steps to make its Play Store a little bit more secure and reliable, many malicious apps, as a result, are becoming a lot more creative when it comes to avoiding detection.

Most recently, security researchers from Check Point Research discovered a new type of malware that was found to be lurking in 24 children’s games and 32 utility apps. Dubbed Tekya, the malware is essentially focused on committing mobile ad fraud and will generate fake clicks on a variety of seemingly genuine ads. And while malware infecting 56 apps may not seem like a lot at first glance, keep in mind that the 56 apps involved have already been downloaded more than one million times to date. Notably, some of the malicious apps managed to gain traction by simply copying the artwork from existing and already popular mobile apps.

“The Tekya malware obfuscates native code to avoid detection by Google Play Protect and utilizes the ‘MotionEvent’ mechanism in Android (introduced in 2019) to imitate the user’s actions and generate clicks,” the report reads.

“During this research,” the report adds, “the Tekya malware family went undetected by VirusTotal and Google Play Protect.”

The malicious apps were ultimately detected and removed from the Play Store. But again, that wasn’t until it they were cumulatively downloaded more than one million times.

For as bad as this all sounds, it’s actually not the biggest malware discovery to hit the Play Store in recent months. In fact, 1 million malicious app downloads isn’t all that staggering compared to other discoveries we’ve seen. This past August, for example, a popular Android app with well over 100 million downloads starting serving up malware to unsuspecting users in the form of intrusive ads and automatic signups for paid subscriptions.

And just last month, 24 apps which netted upwards of 382 million downloads were kicked off the Google Play Store for collecting user data and sending it back to China. Some of the apps in question also sought permission to access location data, record video and audio, and more.

Yoni Heisler Contributing Writer

Yoni Heisler has been writing about Apple and the tech industry at large with over 15 years of experience. A life long expert Mac user and Apple expert, his writing has appeared in Edible Apple, Network World, MacLife, Macworld UK, and TUAW.

When not analyzing the latest happenings with Apple, Yoni enjoys catching Improv shows in Chicago, playing soccer, and cultivating new TV show addictions.