Google Play's new app checkers bypassed by aggressive adware apps

Lookout Mobile Security spots 12 versions of 'NotFunny' adware, downloaded 130,000 times

Aggressive adware is still finding its way on to Google's Play store according to one security firm despite claims by the software giant that it started using in-house experts to more reliably vet new apps some months ago.

Lookout Mobile Security said it noticed 13 examples of adware and malware-like apps on Play in recent weeks which vary in their severity. It's still hard to fathom why a user would want to download any of them given their documented behaviour nor why Google didn't detect and block them.

In 12 cases the offender was something called 'NotFunny' which poses as a variety of apps including Facebook and other utility widgets to attract interest before hiding its icon from anyone who installs it.

The motivation is to push ads at the user that can't easily be stopped. This particular app nuisance was being pushed from several developer accounts that might or might not be connected to one another.

A second and rarer example was 'HideIcon' which poses as a card game and then, as its name suggests, hides its icons from the user as a ploy to push more ads. Not only does it have no embedded terms of service -a serious no no - but was apparently removed from Play by Google several times before sneaking back on, Lookout said.

According to the firm, various incarnations of NotFunny had been downloaded at least 130,000 times globally and possibly up to 500,000 times. HideIcon was much lower at only 1,000 to 5,000.

On Tuesday, Google confirmed that it has in recent months been using staff to manually check apps before they appear on the site in an attempt to clamp down on rogue apps. Previously it had been using automatic systems to do the same job but this proved fallible.

"This new process involves a team of experts who are responsible for identifying violations of our developer policies earlier in the app lifecycle," said Google its Develop blog.

Reaction to the news was mixed. "While Google's announcement is welcome, this is not the end of the issue because of the rise in popularity of third party Android app stores," commented Roy Tobin, a threat researcher with security firm Webroot.

"Unlike iOS, where apps can only be downloaded from the iTunes store, Android devices allow third party stores where there are even fewer security processes in place."

In fairness to Google, the apps mentioned by Lookout are mild compared to the rogue apps that regularly found their way on to Google when the store started life. Google's vetting has improved dramatically in a matter of a couple of years although some still question the intrusiveness of many legitimate apps.

Google also said would introduce an age-rating system whose labelling would depend on local classifications - since 2009 the UK has used Pan European Game Information (PEGI) ratings that divide all software and games into age categories 3 years, 7 years, 12 years, 16 years and 18 years.

"To help maintain your apps' availability on Google Play, sign in to the Developer Console and complete the new rating questionnaire for each of your apps. Apps without a completed rating questionnaire will be marked as "Unrated" and may be blocked in certain territories or for specific users," said Google.

From May developers who don't fill in this rating form for each app will not be able to post it on the site.

Tags mobilemalwaremobile securityGoogleFacebookmobile applicationsLookout Mobile SecurityAndroid OS

Show Comments