The Android maker puts active efforts in removing these malicious apps from the Play Store. Google has just removed 38 apps that infested Android smartphones with malicious advertisements. They serve no legitimate purpose. In some cases, the apps made it nearly impossible for users to delete them.
A report by Bot mitigation company, White Ops, states that all apps on Google Play Store are developed by the same group of developers. The research points out that 21 out of 38 apps appeared on Google Play in January 2019. They were quickly removed from the Google Play Store after their malware-like behaviour detected.
The research paper reads, “But even with an average of less than three weeks of time on the Play Store, the apps found an audience: the average number of installs for the apps we analysed was 565,833. Historically, packing binaries is a common technique malware developers use to avoid being detected by security software like antivirus. Packed files in Android are not new and can’t be assumed to be malicious, as some developers use packing to protect their intellectual property and try to avoid piracy.”
The second method that these apps used to avoid getting detected by Google Play Store policies is by using Arabic characters in various places of the source code. This method of obfuscation helps in reducing readability, avoiding further detection.
Another research firm has warned earlier this month that Play Store is not getting any safer. In the first quarter of 2020, researchers found a number of malicious Android apps that doubled year-on-year basis this year.
The 38 apps that Google has just removed have been downloaded and installed more than 20 million times. White Ops research describes this as a cat and mouse game, in which Play Store hunts down the fraudster and keeps them in check by removing fraudulent apps as soon as they are discovered.