Following an investigation by security firm Check Point, Google has deleted 60 games from the Play Store that were infected with a malicious bug, which among other things injected pornographic ads into games targeted at children. According to Google Play’s public data, the games had been downloaded between 3 million and 7 million times.
The malware, which Check Point dubbed “AdultSwine,” attacked users in three ways, with the pornographic ads only being one. In addition, the malware tried to get users to install fake security apps, themselves often ridden with malware, or register for a premium service using their phone number.
Check Point has a full list of the affected apps in its post on the issue. The most popular include Five Nights Survival Craft, Mcqueen Car Racing Game, Addon Pixelmon for MCPE, CoolCraft PE, and Exploration Pro WorldCraft. Check Point didn’t explain how the malicious code found its way inside otherwise-innocuous apps, but it did demonstrate how the attack worked once the game was downloaded. After a download, the app only had to wait for a reboot, or for the user to unlock their screen, to start sending information back to a command and control server, which would then serve the ads.
In a statement to the Financial Times, a Google spokesperson said “We’ve removed the apps from Play, disabled the developers’ accounts, and will continue to show strong warnings to anyone that has installed them. We appreciate Check Point’s work to help keep users safe.”
The problems come shortly after the revelation of another child-safety issue on YouTube, another Google-owned platform. In that instance, inappropriate videos were finding their way onto the YouTube Kids platform, which was supposed to be only populated with child-friendly content.