Mobile Security Company Lookout has reported that more than 500 apps on Google Play Store contain adverting malware which has the capability to download nefarious plug-ins that can spy on Android users. This includes call history, contacts, images, photos, messages, and content related to banking apps such as e-wallets.
The bad news is that the said apps were downloaded more than 1 million times each by Android device owners.
And the good news is that Google reacted immediately by removing the advertising software development kits (Ad SDK) infected apps from its app store as soon as it received an alert from Lookout.
Google released a security report on the issue on August 21st, 2017 and concluded that not all of the apps ultimately possessed the spyware functionality. But said that they were developed by SDK admins in such a way that they could initiate downloads related to plug-ins leading to espionage at any time.
On the other hand, LookOut researchers found that ad SDK is primarily targeting Chinese developers who are into the development of apps related to teen friendly games, weather forecasts, internet radio, photo editing, education, health and fitness and emojis and home video capabilities.
LookOut specified in its report that Google should start filtering apps developed by app developers from Asian regions and should begin banning all apps which perform suspiciously.
In the meantime, Symantec Corporation issued a media briefing a few hours ago which says that ad SDK is a product variant of Igexin which has been existing in the malware world since 2015. It further added that Igexin has the ability to download secondary code with or without the permission of app users.
Note- Offering apps which are ad free often work in favor of app developers as it increases downloads. But at the same time, the best way to monetize an app is to link it to an Ad SDK library.
