ESET unveiled fake apps available at the official Google app store. posing as trendy game cheats, like Cheats for Pou, Guide for SubWay and Cheats for SubWay, these fake apps were installed in quite 200,000 times during a single month, as per ESET security researchers.
The apps deliberately show adverts 30-40 minutes, disrupting traditional use of users’ android devices.
The fake apps, detected as Android/AdDisplay.Cheastom, deploy various techniques to evade detection by Google bouncer - the technology Google uses to stop malicious apps from getting into the Google Play store. additionally, the apps contain self-preservation code to create their removal problematic.
“These aggressive ad-displaying apps plan to hide their capability from security analyst by deploying techniques, that succeeded in being downloaded over 200K times during a single month,” said by Lukas Stefanko, Malware analyst at ESET.
“The anti-Bouncer technique utilized by these apps obtains the ip address of device and accesses its WHOIS record. If the data came back contains the string ‘Google’, then the app assumes it's running in bouncer. When the app detect an emulator or Google bouncer setting, the ads don't seem to be displayed. Instead, the app will merely give game cheats, obviously.”
ESET notified Google and these unwanted applications have currently been taken off from the Google store.
“Although it’s great that Google removed the apps from the android Google Play store when we enlightened them of the problem, it's clear that a lot of attempts are going to be created to bypass Google bouncer and spread apps containing undesirable code,” said by Stefanko.
