It’s no secret that the Android operating system is more vulnerable to unwanted intrusions than many of its users would like, but based on a recent report from the Avast antivirus team, it looks like the issue might be even worse than we thought.
According to the report, many seemingly innocuous apps on Google Play are riddled with adware, occasionally forwarding users to otherwise legitimate companies. Some of these apps have already been downloaded by millions of users as well, which means a vast majority of infected Android users probably don’t even know they’re infected.
The most popular malicious app that Avast could find was a card game called Durak — Google Play notes that the app has amassed between 5-10 million installations.
“When you install Durak, it seems to be a completely normal and well working gaming app,” says Avast. “This was the same for the other apps, which included an IQ test and a history app. This impression remains until you reboot your device and wait for a couple of days. After a week, you might start to feel there is something wrong with your device.”
You’ll suddenly start seeing ads appear every time you unlock your device, warning you that your device is infected or needs an update. If you click through, you’ll be redirected to malicious pages that could cause even more harm and potentially result in you being signed up for a premium SMS service that you have no interest in.
The biggest surprise was that the ads would occasionally forward users to the Google Play store pages for major, legitimate security apps. Are these companies paying to have the adware redirect traffic to their apps? It certainly looks that way.