Google has made headlines in recent months, both here and elsewhere, for its crackdown on malicious apps in its proprietary app marketplace, as well as on apps that cross all kinds of lines regarding appropriate practices. Back towards the end of April, you may recall, it came to light via a BuzzFeed investigation that Google was moving to ban one of the biggest Android app developers (DO Global) from the Google Play Store after several of its apps were caught committing ad fraud, among other concerns.
Unfortunately, we have to again report a similar turn of events. Researchers from the mobile security firm Lookout announced that 238 apps that had been downloaded in aggregate more than 440 million times from the Google Play Store were found to contain the BeiTaAd Plugin. That’s a strain of adware that can apparently render a mobile device almost unusable.
In the Lookout report, security intelligence engineer Kristina Balaam notes that the number of downloads makes this family of apps “unique in its prevalence and the level of obfuscation used to hide the plugin’s existence.” You can check out the full report here. It explains, among other things, the BeiTaAd Plugin was found hidden in emoji keyboard TouchPal, along with 237 other applications that were all published by China-based CooTek (with the report also identifying the apps in question).
After Lookout reported what it found to Google, all of the apps were reportedly either yanked from the Play Store or updated with new versions that don’t contain the plugin.
After you installed the apps, they would seem fine for anywhere from a day to a couple of weeks. After that point, however, they would start displaying “out of app” ads that are just what that name implies. The ads would start popping up on your lock screen, for example, or triggering random video even when the phone was ostensibly asleep.
“While out-of-app ads are not particularly novel, those served by this plugin render the phones nearly unusable,” the Lookout report points out. “Users have reported being unable to answer calls or interact with other apps, due to the persistent and pervasive nature of the ads displayed.”
All of which serves, of course, as yet another reminder (as if one was needed) that abuse of Google’s app marketplace remains an ongoing problem thanks to developers who continue finding ways to sneak past Google’s ability to police its store.