Following the exposure of a number of Adware hidden in cameras and VPN applications in late September, the research team from the network security research company ESET recently found 42 new Android apps embedded with Adware on the Play Store. The apps involved, installed eight million times, use several tricks for stealth and persistence.
As explained by ESET security researcher Lukas Stefanko in the blog post, once the user downloads and installs this type of application, the ad will pop up in full screen at random. The 42 Adwares discovered this time have also taken some tips to hide their advertising purposes for as long as possible.
Like all Adware, these applications quietly collect user device data. Stefanko wrote in the blog post: “Once launched, the app starts to communicate with its C&C server (whose IP address is base64-encoded in the app). It sends “home” key data about the affected device: device type, OS version, language, number of installed apps, free storage space, battery status, whether the device is rooted and Developer mode enabled, and whether Facebook and FB Messenger are installed.”