Cybersecurity researchers from WhiteOps’ Satori Threat Intelligence and Research team have found a number of malicious apps on the Google Play Store that trick users into seeing unexpected ads.

The investigation by the security team dubbed “CopyCatz” found 164 apps on the Play Store that were masquerading as popular apps to garner downloads and trick users into seeing “whole bunch of unexpected ads,” according to a blog post by the firm.

The apps had over 10 million downloads. However, these apps have been removed from the Play Store, according to the post.

“The Satori team discovered that these apps contain code capable of displaying out-of-context ads under the com.tdc.adservice package,” the blog read.

How these apps behave is controlled using JSON (JavaScript Object Notation), a data-interchange format hosted on Dropbox. The apps were relatively easy to track as they all had the open-source Evernote job scheduler embedded inside used as a persistence mechanism.

Dropbox and Evernote were victims of the operation, WhiteOps clarified.

The apps ranged from gaming apps, internet speed testing apps and video and audio editing apps. The whole list can be found on WhiteOps' blog. Users have been advised to remove such apps and to only install the official version of popular apps from the Play Store to avoid such threats.

comment COMMENT NOW