News of malicious Android apps hosted on the Google Play Store doesn't seem to stop coming these days, as ESET and Zscaler researchers recently disclosed that they have reported nearly 100 malicious apps they came across.
The biggest batch comes from ESET security researcher Lukas Stefanko, who says that between March 16 and 21, he reported to Google 87 Android apps posing as Minecraft mods, but which, in reality, contained two malware (adware) strains.
In total, the researcher says, the apps reached up to 990,000 installs before Google took them down.
Stefanko says that none of these apps contained any legitimate functionality, being mere vessels for adware. The apps would only work during the installation process, focusing on luring the user into granting them admin privileges. Once this was achieved, the apps would then focus on their malicious behavior.
The researcher says 14 of the apps downloaded another component specifically designed for showing ads inside a special container, while the remaining 73 apps simply opened a local browser and redirected the user to a site showing ads.
Of these, the first 14 were the most dangerous, as the attacker could very easily have downloaded more advanced malware, such as a banking trojan or ransomware strain, onto the user's smartphone instead of the adware component.
Stefanko provides instructions on how to uninstall some of these apps, and has also recorded a video showing how they behaved during and after their installation.
Also yesterday, Zscaler researchers announced they worked with Google to remove 12 malicious Android apps from the Play Store, four of which were downloaded between 10,000 and 50,000 times before they were discovered.
The apps were disguised as QR/barcode scanners, photo editors, faster battery chargers, games, a compass, and a voice recorder, among others.
Just like the apps discovered by ESET, these too were focused on displaying ads, launching unwanted YouTube videos, redirecting users to ad-infested sites via their browser, or downloading, installing, and launching apps on the user's smartphone.
Both reports come one day after Google published its yearly Android Security Report, which contains the following statistics: