While Google is continuously battling against malware in Android, apps with an adware surfaced on the Play store that reached as many as six million downloads.
According to researchers from UK-based SophosLabs, a total of 47 apps on Google Play include a third-party library to serve pop-up ads. Some of the reported apps continue to display the ads even after users force close the app.
One such library, MarsDae is spreading a pop-up torrent. The library has affected all the Android devices ranging from Android v2.3 to Android v6.0 (Marshmallow). Moreover, one of the apps by MarsDae is Snap Pic Collage Color Splash. The app has 100,000 downloads and is still available on Play Store.
“Once dropped on an Android 5 and 6, the library repeats a series of steps to keep the ads running,” said Bill Brenner, a security researcher who writes at Sophos’ Naked Security, in a blog post.
Infinite loop of background processes
Once you install the infected app, it starts display ads even on the home screen of your Android device. It runs the code and starts a number of Android processes in the background. The app even creates a file and locks it. Notably, each of the running processes creates another file. The never-ending cycle of new processes continuously repeats until you uninstall the app.
Sophos security research firm has published the list of applications that are infected and still active on Google servers.
Google has not responded to the submitted report by Sophos. However, some of the suspicious apps are silently removed from the Play store.