“The apps were found to be updated with malicious backdoors that could download user files even if they force-stopped it.”
Google has removed around 20 rogue battery draining apps from the Play Store in its latest anti-malware ban. The apps that were removed from the online storefront had already reached 2 million downloads before the company decided to delete them.
Based on the reports, it has been found that around 22 apps contained a device backdoor that granted them to secretly download files from the background without users’ notice. While going live on Google Play, some of the apps did not contain the malware but it was added later through ‘updates’. It can be said that through these activities, even the apps that appear to be safe could become malicious with just a simple update.
By the time Google removed the apps, they were being used in order to “click endlessly on fraudulent ads” as stated in a report. The programming of the apps was such that even if the users force-shut them, they could automatically start and run in the background which could result in battery draining and bandwidth consumption.
The rogue app list includes a flashlight app, Sparkle Flashlight that entered Google Play around 2016 and had been downloaded more than 1 million times, as reported by one of the antivirus providers. It had been provided with an update in March 2018 with a backdoor that could secretly download files.
The main motive behind this is to allow the attackers to create false ad impressions by persistently running the app and imitating ad clicks. Moreover, the impressions of these fraudulent ads were designed to appear as if they came from iPhone users. The reason behind such activity held on the notion that iPhone users are considered to be wealthier since iOS users spend more for in-app purchases than Android users.