Today marks the latest occasion of malware-infected apps being detected on the Google Play Store — the third one this month. But while in the previously-reported cases the malicious apps were used for stealing private data or displaying obtrusive ads, today's crop is more concerned with using your phone to farm fraudulent ad clicks.
The way this works is simple: infected apps are constantly requesting ads and then claiming the user has clicked on them, which generates ad revenue for the fraudster. And although this may not sound like that big of a deal, it results in both battery and mobile data drain, as well as potential lag on low-end devices. Or to put things in perspective, a single app left overnight requested more than 3,000 ads and "clicked" on 169 of them.
The numbers associated with this kind of malware are impressive, too: more than 300, with a cumulative 4–14 million installs. The apps themselves are mostly live wallpapers or simple utilities — the researchers specifically pointed the finger at the following app developers: Attunable, Classywall, Firamo, FlameryHot, NeonApp, Goopolo, Litvinka Co, Livelypapir, Tuneatpa Personalization, Waterflo, X Soft, and Zheka.
The research comes from ad fraud detection agency eZanga, who claims to have immediately notified Google of the malicious apps. And while Google has historically been quick to take action in similar occasions, it seems clear its current malware detection practices aren't working as well as they should be.