By now, the pattern is pretty familiar. In spite of the company stepping up its detection efforts, Google can’t seem to eliminate sketchy applications from sneaking their way into the Google Play Store where they often rack up millions of downloads before being found and eliminated.
The latest culprits that have been found are a handful of camera and VPN apps that have collectively racked up several hundred million downloads.
The camera apps in question include Sun Pro Beauty Camera and Funny Sweet Beauty Selfie Camera, both of which were identified by researchers at Wandera as serving adware while also garnering more than 1.5 million downloads between them before being pulled from the Play Store.
Naturally, the researchers encourage anyone who still has either of these apps on their phones to get rid of them. The apps also requested a number of dodgy permissions, including to be able to record audio at any time as well as the launch of a system alert window that allows the app to “trick the user into clicking something he did not want. “Intrusive out-of-app ads interrupt users in the middle their workflow, brick their devices, drain the device battery, and in some cases, infected devices need to be replaced altogether,” the Wandera researchers note, by way of adding context about the seriousness of the problems found with these apps.
Regarding the VPN apps, meanwhile, a New Zealand-based researcher came across four with more than 500 million downloads that he said commit ad fraud. The apps are Hotspot VPN, Free VPN Master, Secure VPN, and Security Master by Cheetah Mobile. “In case of outside ad fraud,” researcher Andy Michael writes in a blog post explaining his findings, “ads pop up while apps are running in the background or even outside the app environment (e.g. ad views placed on the home screen and covering app icons that users must reach to start new apps).
“As a user, not only do I think it’s treacherous for a privacy app to abruptly intrude my phone screen, but the constant HTTP requests keep the phone CPU heated and drain phone battery.” Just as important, as The Next Web notes, is the fact that this quartet of apps originates from China and Hong Kong, where the so-called Great Firewall means citizens regularly seek out VPN apps like these to get around it.