Researchers from Check Point, ZoneAlarm’s parent company recently discovered 56 apps downloaded from the Play Store, 24 of which were children apps.
Over the years, millions of mobile phone users have unintentionally downloaded malicious apps that have the ability to compromise their data, credentials, emails, text messages, and geographical location. Some of these malware come as a “family” of malware, such as in February 2020, when the Haken malware family was installed in over 50,000 Android devices through 8 different malicious apps, all of which seemed to be safe initially.
Recently, Check Point’s researchers identified a new malware family that was operating in 56 applications and downloaded almost a million times worldwide, named ‘Tekya’. This new malware family’s goal is to commit ad fraud. It works by imitating the user’s actions in order to click ads and banners from agencies like Google’s AdMob, AppLovin’, Facebook, and Unity.
Of the 56 Tekya-containing apps found, twenty four of those apps were aimed at children (with apps ranging from puzzles to racing games), while the remaining being utility apps (such as cooking apps, downloaders, calculators, translators, etc.).
Luckily, these infected applications have all been removed from Google Play. However, this shows once again that the Google Play Store can still be a host for malicious apps. With hundreds of new apps being uploaded daily and 3 million existing apps, it’s a difficult task to check that every single app is safe. Thus, relying on Google Play’s security measures alone to ensure their devices are protected is risky.
If you suspect you may have one of these infected apps on your device, here’s what you should do: