Once upon a time, the Google Play Store was one of the most trusted online markets. However, it seems as if Google is losing the battle against dubious Android software. In July 2019 alone, the Google Play Store hosted well over 200 harmful applications. The troubling thing about it is, these dangerous apps were downloaded approximately 32 million times between July and August.
Out of the 200 harmful apps, 188 of them contained hidden ads and comprised 19.2 million out of the 32 million installs. According to a report published and compiled by ESET, The remainder of the offending apps were adware droppers, subscription scams, ad fraud, stalker were bogus antivirus tools, software with built-in backdoors, or completely fake altogether.
The most interesting thing to come out of the ESET report was the fact that, while there were only a few subscription-based scam applications found on the Google Play Store in 2019, they comprised over a third of the total downloads (or approximately 12 million installs). And while hidden advertisements may not sound all that bad, these kinds of apps tend to hide their icons from the user or don’t have icons at all. For the most part, adware droppers have no functionality what-so-ever other than turning your handheld device into a fullscreen ad zombie.
Lukas Stefanko, a malware researcher for ESET, said in an interview that when his team tried to contact Google about this issue, no one at the tech giant was willing to comment one way or another. As of 2020, Google has still failed to discuss the matter with ESET.
What Are Some of the Biggest Dangers Posed by Dubious Apps?
Back in the day, smartphone viruses didn’t pose that much of a threat. The worst-case scenario was that your Android or iPhone became an expensive brick. Nevertheless, if the user was able to shut their phone down in time, it might have required a trip to the repair shop at most.
Viruses made themselves known way back.
Today, however, cybercriminals have grown far beyond bricking users’ smartphones for kicks; it’s all about getting paid. This means the less conspicuous their exploits are, the better it is for their bottom dollar. Just as most organizations are all about the data, cybercriminals, too, are all about collecting as much sensitive data about you as possible. How dangerous they depend on the type of vulnerable data criminals can collect.
If you thought ransomware only targeted company networks and computers, you are gravely mistaken. Many smartphone users have financial apps on their smartphones, and hackers know this quite well. They are also aware that most smartphone users tend to become complacent when it comes to mobile online security. This complacency might be a result of people using their phones so much that they lower many of the security restrictions intended to prevent such attacks.
Security measures such as not allowing automatic downloading of third-party applications from a web browser or even using “YouTube to MP3/MP4” download sites to download free songs from YouTube. So-called download sites (whether it be YouTube to MP3/MP4 or online file “conversion” sites, for example) may try to sneak malware or adware in with the file you download. And even those sites that have good intentions can be plagued with malicious links (usually in the form of seductive advertisements).
Usually, this is the general rule of thumb: if the “download” site you are visiting has a bunch of blinking ads (especially confusing ads with green arrows saying “Start Your Download Here”), get out of there as fast as you can. The purpose behind all of the misleading advertisements is to get the user to click the wrong thing by accident—it only takes a single click for a malicious link to download ransomware onto your Android or iOS device discretely.