Several different apps containing malware bypassed security checks in Google Play, being downloaded over 500,000 times by hundreds of thousands of Android users.
Through a mixture of devious coding and delaying any initial bursts of negative effects, the malware was disguised by apps that portrayed false intensions, waiting for six hours upon installation before flooding the user’s phone with adware, webpages and notifications containing ad-related links.
The purpose behind the malware is to create click-based revenue for the attackers, as the general nature of the apps granted the attackers a large number of downloads. It is suspected that the malware might have reached a million people throughout its spread.
Regardless, hardware and software security giants Sophos continue to recommend Android users to download apps from the Play Store, as it remains safer than third-party app stores.