Google Play Apps Inundate Users with Ads and Track Their Data

Researchers at Trend Micro discovered 36 apps available in the Google Play store advertised as security tools or device performance boosters that also harvested users’ data, tracked users’ locations, and inundated users with pop-up advertisements. After installation, the apps did not appear on the device’s application list nor as a shortcut on the device screen. Users would only see notifications sent by the apps, which would often appear as false security warnings. If a user clicked on the security notification, the application displayed a message stating that the supposed security problem had been fixed in an attempt to convince the user of its legitimacy. However, while the app displayed the notifications, it collected users’ device data and sent it to a remote server. Trend Micro notified Google who has since removed all affected apps from the official Google Play store. The NJCCIC recommends all users and administrators of Android devices review the Trend Micro report, run a reputable antivirus application on all devices, avoid downloading apps that require excessive device permissions, promptly remove apps that execute unexpected or unwanted behavior, and keep all devices and apps updated.