17 Android Apps Caught Hiding and Displaying Aggressive Ads

We all rely on Apple and Google to keep malicious software out of its app stores, but the vetting system Google uses for Android apps is in desperate need of review.

17 vetted and popular apps have been hiding their presence on devices and showing aggressive ads to users.

The apps in question are listed below and in total have been downloaded over 550,000 times:

• Car Racing 2019
• 4K Wallpaper (Background 4K Full HD)
• Backgrounds 4K HD
• QR Code Reader & Barcode Scanner Pro
• File Manager Pro - Manager SD Card/Explorer
• VMOWO City: Speed Racing 3D
• Barcode Scanner
• Screen Stream Mirroring
• QR Code - Scan & Read a Barcode
• Period Tracker - Cycle Ovulation Women's
• QR & Barcode Scan Reader
• Wallpapers 4K, Backgrounds HD
• Transfer Data Smart
• Explorer File Manager
• Today Weather Radar
• Mobnet.io: Big Fish Frenzy
• Clock LED

As Bitdefender reports, none of the apps are classed as malware, but the best way to summarize what they are doing is as "riskware."

Each app uses a number of techniques to bypass Google's vetting system to ensure they make it on to the Play Store.

These techniques include, "waiting 48 hours before hiding their presence on the device, splitting the app's code into multiple resource files, and holding off displaying ads until 4 hours after app installation."

Ads are then displayed regularly, but randomly, so it's very hard to spot a pattern.

A job scheduling system is used to decide when to potentially show a new ad.

This can be triggered when a user is in the app and pressing buttons, or outside the app when, for example, the device is unlocked.

Tricking Google into thinking the apps aren't malicious seems to be an exercise in presenting themselves as "average." The right files form part of the apps and the long delay before ads are shown combined with the randomness of them being triggered seems to be enough to fool the vetting system.

Some reviews from users have flagged these apps as adware, but they remained live on the Play Store regardless.

Bitdefender has reported all 17 apps to Google and they are being removed from the store.

We all rely on Apple and Google to keep malicious software out of its app stores, but the vetting system Google uses for Android apps is in desperate need of review.

17 vetted and popular apps have been hiding their presence on devices and showing aggressive ads to users.

The apps in question are listed below and in total have been downloaded over 550,000 times:

• Car Racing 2019
• 4K Wallpaper (Background 4K Full HD)
• Backgrounds 4K HD
• QR Code Reader & Barcode Scanner Pro
• File Manager Pro - Manager SD Card/Explorer
• VMOWO City: Speed Racing 3D
• Barcode Scanner
• Screen Stream Mirroring
• QR Code - Scan & Read a Barcode
• Period Tracker - Cycle Ovulation Women's
• QR & Barcode Scan Reader
• Wallpapers 4K, Backgrounds HD
• Transfer Data Smart
• Explorer File Manager
• Today Weather Radar
• Mobnet.io: Big Fish Frenzy
• Clock LED

As Bitdefender reports, none of the apps are classed as malware, but the best way to summarize what they are doing is as "riskware."

Each app uses a number of techniques to bypass Google's vetting system to ensure they make it on to the Play Store.

These techniques include, "waiting 48 hours before hiding their presence on the device, splitting the app's code into multiple resource files, and holding off displaying ads until 4 hours after app installation."

Ads are then displayed regularly, but randomly, so it's very hard to spot a pattern.

A job scheduling system is used to decide when to potentially show a new ad.

This can be triggered when a user is in the app and pressing buttons, or outside the app when, for example, the device is unlocked.

Tricking Google into thinking the apps aren't malicious seems to be an exercise in presenting themselves as "average." The right files form part of the apps and the long delay before ads are shown combined with the randomness of them being triggered seems to be enough to fool the vetting system.

Some reviews from users have flagged these apps as adware, but they remained live on the Play Store regardless.

Bitdefender has reported all 17 apps to Google and they are being removed from the store.