“We have a good working relationship with Google’s security team,” Daniel Padon, a Check Point researcher, tells Giftofaservant.
However, even after Google deleted the apps from Play, the malware will continue to live on in people’s phones until they get rid of it.
“We’ve removed the apps from Play, disabled the developers’ accounts, and will continue to show strong warnings to anyone that has installed them,” a Google spokesperson says. “We appreciate Check Point’s work to help keep users safe.”
Once a person downloaded one of the infected apps, pop-ups would either alert them that they had a virus and direct them to a fake security app, convince them to enter their phone number through a contest to win an iPhone, or show them pornographic content. The latter is particularly disturbing considering that most of these infected apps were games or drawing tutorials intended to entice kids.
Although the apps would likely be most appealing to kids, Google says that they wouldn’t have appeared in what Play calls its Designed for Families section, where it recommends safe, appropriate ads for children. However, the search giant did come under fire earlier this year when YouTube, its video site, allowed disturbing videos to infiltrate its official feeds for children.
Although Google actively scans the Play store for malicious code, policing its vast, ever-evolving catalog of apps is a challenge.
The company is “struggling to keep certain malware outside the App store” because some nasty code can only be detected by dynamically analyzing the context of an app’s actions, which is hard to do, a Check Point researcher explains.
“‘AdultSwine’ and other similar malware will likely be continually repeated and imitated by hackers,” Check Point says. “Users should be extra vigilant when installing apps, particularly those intended for use by children.”