500 apps riddled with spyware, downloaded more than 100 million times removed from Play Store


More than 500 apps which were found to contain spyware have been removed from the Google Play Store.

According to a report by ZDNet the apps were “collectively downloaded over 100 million times from the Google Play store,” and “could have been used to secretly distribute spyware to users, thanks to a malicious advertising SDK (software development kit).”

The apps were found to contain the malicious SDK known as Igexin which was developed by a Chinese ad agency to help the display targeted ads to Android users.

However, the SDK was found to be vulnerable to hackers and could be used install malware onto Android devices and spy on users.

Researchers from security firm Lookout were the first to spot that Igexin was present in the 500 apps.

Image: Lookout

While lookout has not produced a definitive list of infected apps, it did name two apps, ‘LuckyCash – Earn Free Cash’ and ‘SelfieCity’, which together have been downloaded more than 6 million times as among those infected.

The security firm said that the infected apps, which were mainly targeted at teenagers, have been downloaded more than 100 million times.

One of the apps was able to record call logs and GPS location data.

“It is becoming increasingly common for innovative malware authors to attempt to evade detection by submitting innocuous apps to trusted app stores, then at a later time, downloading malicious code from a remote server,” Lookout said in its blog post.

“Igexin is somewhat unique because the app developers themselves are not creating the malicious functionality – nor are they in control or even aware of the malicious payload that may subsequently execute.

“Instead, the invasive activity initiates from an Igexin-controlled server,” the firm added.

In a statement, Google later confirmed the apps had been removed:

“We’ve taken action on these apps in Play, and automatically secured previously downloaded versions of them as well. We appreciate contributions from the research community that help keep Android safe.”


Comments are closed.