MILLIONS download apps in Google Play store designed to spy and plaster devices with full-screen ads

MILLIONS of people downloaded apps from the Google Play store designed to spy on users and plaster devices with full-screen ads

  • Millions of users were infected by dozens of apps in the Google Play store 
  • The apps spied on users and foisted full-screen ads onto screen 
  • Apps have been deleted from the store but may still be on third-party stores
  • Software has been linked to a college student in Vietnam 

Dozens of Android apps have been undermining the privacy of millions of users and covertly foisting ads onto their screens, say researchers.

Internet security firm ESET says it discovered 42 apps on the Google Play store that have been infecting Android phones with adware designed to steal device information and plaster screens with full-size ads.

Those apps were downloaded by users 8 million times since they were introduced in July 2018, reports TechCrunch. 

Adware has been covertly stealing users information and plastering full-screen ads on millions of users’ Android devices, say security researchers (Stock image) 

According to TechCrunch, those apps include Video Downloader Master, which alone has 5 million downloads, and Ring Tone Maker Pro which has 500,000 downloads.

Once installed, the infected apps employ a number of techniques to remain installed for as long as possible on a device, including posing as Google or Facebook apps to avoid being detected.


Adware is a type of malicious software that is designed to collect information on users and serve them ads without their knowledge.

It’s often downloaded unwittingly by users and compromises security while hiding its existence.

According to security researchers at Kaspersky Labs:

‘Adware is the name given to programs that are designed to display advertisements on your computer, redirect your search requests to advertising websites and collect marketing-type data about you – for example, the types of websites that you visit – so that customized adverts can be displayed.’

The apps also often deleted their own shortcut making it more difficult for users to remove them from their device.

Some of them also monitored devices to see if they were connected to Google’s servers and recognize if the company was running a security check. 

If they recognized that Google was running a security test, the apps automatically refrained from posting ads.

While running in the background, malicious software exported information about unwitting users’ devices to creators, including what apps are installed on the device and whether it allows apps outside of the mainstream app store to be downloaded.

Researchers say this would give the adware’s proprietors insight into whether the device is vulnerable to a more serious malware attack. 

Google has reportedly removed all of the exploitative ads but according to researchers they may still be available in third-party app stores.

Security experts say they’ve linked the attacks to a college student attending a university in Vietnam.