Cases of malware and other forms of malicious apps are common on the Android platform. Due to the high volume of malicious apps lurking around the platform, most Android stck and download apps only from the Google Play Store.
Google on its part has been working hard to keep the Play Store safe and free from any form of malicious apps but from time to time we hear of malicious apps still sneaking into the store.
Latest news from security firm SophosLab says that some Android apps have managed to sneak in a malware into the Play Store which then uses the users device for click-based advertising so as to earn fraudulent money for the developer(s).
According to the security firm, a total of 7 QR code and compass apps have been seen to belong to a new malware family called Andr/HiddnAd-Aj. This form of malware generates revenue for its creators by unleashing notifications, full screen ads, and ad-related webpages. These apps have received more than 500,000 downloads but as at the time of this post, Google had kicked them off the Store.
In its fight to make the Play Store safe for users, Google recently removed more than 700,000 bad apps from the Play Store and 100,000 malicious developers. Despite all these, SophosLab still recommend Android users to still download apps from the Play Store due to the constant check carried out.
"Google's app vetting process is far from perfect, but the company does at least carry out some pre-acceptance checks. Many off-Market Android app repositories have no checks at all - they're open to anyone, which can be handy if you're looking for unusual or highly specialised apps that wouldn't make it into Google Play (or trying to publidh unconventional content)," Paul Ducklin of SophosLabs said in a blogpost.