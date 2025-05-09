The latest threat to Android phone owners is one that tricks them into installing certain apps that create problems as soon as they are downloaded on their handsets. Dubbed "Kaleidoscope," this is an ad-fraud attack with legitimate apps available in the Google Play Store. There are malicious counterparts to these apps found in third-party app stores, which contribute the fraudulent ads.





IAS Threat Labs has given this attack the Kaleidoscope name because it is always changing to avoid detection. According to the data, 2.5 million new devices are compromised each month, with 20% of these found in India. Other areas where Kaleidoscope has been discovered include Indonesia, the Philippines, and Brazil. Driving the expansion of this threat are the installation of malicious apps via third-party app store fronts.









Kaleidoscope works like this. An Android user installs an app from the Play Store that looks and even runs like a legitimate app. A malicious duplicate of the app is listed in a third-party app store; messages and social media direct users to install the malicious version of these apps via the third-party app stores and direct installs. The Android device owner thinks that he has installed a legitimate app, and advertisers believe that their ads are being viewed on legit apps.





Instead, once the malicious version of the app is installed on a phone, it shows intrusive ads, including full-screen images and videos that do not require any interaction from the user to run. You can see how annoying this could be to the unlucky device owners who end up with a phone that is making big bucks for cyber-criminals and prevents users from viewing their displays.





Flagged titles have been removed from the Play Store by Google , and the latter adds that it will protect Android users from known versions of Kaleidoscope. The ad resellers involved in this scheme are said not to be very diligent in vetting the quality of the ad inventory they are delivering to advertisers. Usually, this type of malicious adware will cause a phone to overheat, drain the batteries quickly, and lead the device to run slowly with laggy performance.





An incredible 2.5 million new installs of Kaleidoscope-infected apps take place each month making this a very serious and dangerous situation for Android users.

