Google Play Store had clicker malware hiding in 24 kids games and 32 apps
Despite Google's best efforts to improve the security of Android's app marketplace, be it by removing hundreds of apps that show deceptive or inappropriate ads on your phone or repeatedly removing and bringing back TikTok over espionage concerns, Google Play is still not as safe as Android users expect it to be.
We've learned from Check Point Research (via SlashGear) that another 56 apps previously available on Google Play have been running malicious code on users' phones. Disturbingly, 24 of those were polished-looking casual children's games, including Cooking Delicious and Let Me Go. Cooking Delicious alone had 100,000 downloads and a 4.5 star rating, showing ratings and download numbers alone aren't an indication of an app's legitimacy.
The malware, named Tekya, was spread by cloning legitimate popular games and apps (many aimed at children) on Google Play and relying on users mistaking the malicious clone with the legitimate app. Games and apps containing it were downloaded over 1 million times worldwide before being removed by Google.
After making its way to an unsuspecting user's phone, the Tekya malware would act on behalf of the user by clicking on ads in order to generate revenue from advertising agencies such as Google's AdMob, Facebook and Unity.
As a preventative measure, before installing an app, be sure to look at the comments under its Google Play page, as previous users would have likely pointed out any red flags. Installing the latest available security updates for your phone is also highly recommended.
With over 2.8 million apps available and a billion active users monthly, Google Play remains the most popular app marketplace in the world.
Cooking Delicious was among the most popular games infected with the malware.
The malware, named Tekya, was spread by cloning legitimate popular games and apps (many aimed at children) on Google Play and relying on users mistaking the malicious clone with the legitimate app. Games and apps containing it were downloaded over 1 million times worldwide before being removed by Google.
After making its way to an unsuspecting user's phone, the Tekya malware would act on behalf of the user by clicking on ads in order to generate revenue from advertising agencies such as Google's AdMob, Facebook and Unity.
Despite now being completely removed from the Play Store, it's possible that some of thеse apps still remain on many users' phones, in which case it's important to take measures immediately. For a technical description of the malware and a list of infected apps, refer to Check Point's page linked above.
As a preventative measure, before installing an app, be sure to look at the comments under its Google Play page, as previous users would have likely pointed out any red flags. Installing the latest available security updates for your phone is also highly recommended.
Things that are NOT allowed: