A recent report has revealed that more than 43 Android applications available on the Google Play Store are displaying ads even when the mobile screen is turned off. This not only goes against Google Play Developer policy on ad display, but it also poses potential risks to users.
When users attempt to open their home screen, they may catch a glimpse of these ads. While this may seem less annoying compared to ads that pop up during app usage, it is still a breach of policy. Moreover, these apps are not only draining the battery of user’s smartphones but also consuming more data.
Researchers at McAfee have discovered that these apps, which include TV/DMB players, Music downloaders, News, and Calendar categories, have collectively been installed over 2.5 million times. This indicates a significant number of users who could potentially be affected by this issue.
The alarming aspect of these apps is the fact that they managed to evade Google’s scans and inspections before being made available on the Play Store. These apps were able to modify the latency period of the fraudulent ad activities, making it difficult for detection.
Furthermore, these apps have libraries that can be remotely modified by the developer, allowing ads to be pushed using Firebase Storage or Messaging service. This remote modification capability adds another layer of risk, as it opens up the possibility of information leaks and clickjacking attacks.
To address this issue, users are advised to exercise caution when granting permissions such as “power saving” and “draw over other apps” to any application. These permissions allow apps to perform discreet activities in the background, including displaying ads when the screen is turned off.
McAfee researchers have already reported most of these applications to Google, resulting in their removal from the Play Store. However, it is essential for users to remain vigilant and regularly check the permissions granted to each app installed on their devices. By revoking unnecessary permissions, users can minimize the risk of falling victim to such malicious apps.
To help users identify potential indicators of compromise, McAfee has provided a list of domains associated with these malicious apps. It is recommended that users familiarize themselves with these indicators and exercise caution when encountering them.
In conclusion, the discovery of these 43 Android applications displaying ads even when the mobile screen is turned off highlights the need for stricter measures to ensure the safety and privacy of users. While Google has taken action and removed these apps from the Play Store, it is crucial for users to remain cautious and regularly review app permissions to mitigate potential risks. Stay informed about the latest cybersecurity news by following reputable sources and taking steps to protect your devices and personal information.
Albanian 
English 
Serbian 
Croatian 