Google removes a handful of rogue battery-draining apps from the Play Store

Google removes a handful of rogue battery-draining apps from the Play Store
Google has been on a roll lately, pulling shady apps from the Play Store. In its latest bout of anti-malware bans, the company removed some 20 apps from its online storefront, but not before they raked in over 2 million downloads worldwide.

The latest round of takedowns has to do with 22 apps that used a backdoor to enable developers to simulate ad clicks. This not only allowed the fraudulent devs to make cash from advertising companies, by giving them fake impressions, but also affected unknowing users with severe battery drain and bandwidth consumption, a new Ars Technica report reveals.

According to the report, and based on observations from antivirus provider Sophos, the rogue apps used a “device-draining backdoor” that allowed attackers to download files in the background, without user notice. What's more, some of these apps didn't have the malware when they went live on the Google Play Store, but were "updated" later to enable the backdoor. This is a worrisome revelation, as it suggests that even apps that are initially deemed safe could become malicious further down the line with a simple update.

The apps were used to "click endlessly on fraudulent ads," the Ars report states. The malicious software allowed the apps to automatically start and run in the background even after a user force-closed them, resulting in severe battery drain and bandwidth consumption.

The goal of this backdoor is to allow attackers to create fraudulent advertising impressions by constantly running an app and simulating ad clicks. What's more, according to Sophos, the impressions were made to appear as though they were coming from iPhone users. This was done because iPhone users are perceived to be more lucrative, due to the average spending on apps and in-app purchases on iOS being higher than on Android.

One of the most popular of the removed rogue apps is Sparkle Flashlight, which went live on Google Play sometime in 2016 or 2017 and has since garnered over a million downloads. It was updated in March of this year to open the malicious backdoor, the report states. You can find the full list of removed apps here.

FEATURED VIDEO

4 Comments

1. maherk

Posts: 6933; Member since: Feb 10, 2012

Does this mean that they removed Facebook, Instagram, and Snapchat as well?

2. lyndon420

Posts: 6822; Member since: Jul 11, 2012

What gets me, is why would anyone in their right mind download an app called sparkle flashlight? All of our phones have flashlight functionality built in...so why download an app for it that asks for internet connection? Also...this is another reason why none of my apps are allowed to auto-update. Every single app on my phone (with the exception of my banking app) has wanted an update for months, but they're all working fine so I don't update them.

3. Peaceboy

Posts: 640; Member since: Oct 11, 2018

Google needs to remove 75% of its app. They’re all garbage and useless junks. Spy and malware.

4. bucknassty

Posts: 1350; Member since: Mar 24, 2017

remove that arlo crap too

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.