History repeats itself again and again. While a vast fraudulent advertising campaign was discovered on Android and iOS a few weeks ago, a new wave of applications has just been pinned for the same reason, this time by security specialists at McAfee.
Drain battery and mobile data
In all, 16 applications installed more than 20 million times (cumulative) have just been ejected from the Play Store. Flahlight+, EZ Notes or even DX Clean pretended to be completely normal software, while they loaded and clicked on advertisements in the background, without the user seeing it. Whether, a priori, these apps did not steal personal data, their misleading behaviors had some annoying effects. By continually loading ads in the background, these apps could consume mobile data and drain your phone’s battery.
Ironically, the DX Clean app (which alone had over five million installs) promised to detect and eliminate apps that might be slowing down your phone or consuming a lot of mobile data. This software — appropriately called “ad clicker” — seemed perfectly harmless at first glance, but once installed, all they had to do was receive a fraudulent notification from a remote server to begin their misdeeds. “They visit the websites that are served by the notification and run through them in the background mimicking the user’s behavior. This can cause heavy network traffic and consume power without the user being aware of it“, explains McAfee.
To make matters worse, the security teams having discovered the pot of roses explain that “the malicious operation does not start within the first hour after installing the application; it is launched only when the user is actively using the device“. All this in order to make this behavior more difficult to identify.
Fortunately, the applications have been pushed out of the Play Store by Google and if you have the Play Protect services activated (which is normally the case by default on most Android mobiles), you should receive an alert telling you that malicious applications could be installed on your device. If your phone behaves abnormally, you can go to Settings ==> Security ==> Application Security to check that all is well. Alternatively, you can view the full list of pinned apps on McAfee’s site.