Google has either removed or updated a massive trove of applications on the Google Play Store that were found having an adware that rendered smartphones unusable, Lookout has said. The cybersecurity company said that it discovered 238 unique applications that with BeiTaPlugin adware. Cumulatively, these applications amount to over 440 million installations. According to Kristina Balaam, Security Intelligence Engineer at Lookout, the plugin forcibly displays ads on the user’s lock screen, triggers video and audio advertisements even while the phone is asleep, and displays out-of-app ads that interfere with a user’s interaction with other applications on their device.
Now before a deep dive into the findings, let's first understand what an adware is. Adware is any software application in which advertising banners are displayed while a program is running. The ads are delivered through pop-up windows or bars that appear on the program's user interface. Developers use adware to generate revenue in two ways: first, by displaying the advertisement, and second on a “pay-per-click” basis, if the user clicks on the advertisement.
Balaam says that all of the apps released with BeitaPlugin were published by mobile internet company CooTek, which was founded in 2008 in Shanghai. CooTek is popular for its keyboard app, TouchPal. The adware in TouchPal and apps with this adware render the phones nearly unusable. Users have reported that they were unable to answer calls or interact with other apps due to the persistent and pervasive nature of the ads displayed. She says that these ads do not immediately bombard the user as soon as an affected application is installed. They become visible at least 24 hours after the application is launched.
This is not the first time that Google has removed such apps from the Google Play Store. In January, Japanese IT security company Trend Micro found 85 Adware-fueled apps on the Google Play Store that were disguised as games and TV remote control apps. These apps reportedly infected millions of users globally. Detected with AndroidOS_HidenAd adware, these apps displayed full-screen ads and monitored a device’s screen unlocking functionality.