In Google’s latest clean-up of malware-laden apps on its Play Store, the company has removed almost two dozen applications that had been infected with malware known as LightsOut.
The news was confirmed in a security firm's blog post (opens in new tab), which noted that 22 apps had been taken down, although only after having been downloaded millions of times in total.
LightsOut was found to serve advertising to unsuspecting users, advertising which was usually completely out of context to whatever the users were doing at the time.
The apps in question were mostly flashlight apps, which when downloaded, would display a menu with additional options. One of them is to display ads when on WiFi, when a call ends, when the screen is locked or when the phone is charging. But even if the users opted out, they would still see the ads.
The malware would even remove the icons from the phones, making it even harder to remove the app.
Google employs Check Point Software Technologies to scan for malicious code in its store apps, with the company revealing that these apps were downloaded up to 7.5 million times worldwide.
"This is a purely malicious activity, as it has no other possible purpose other than eluding the user," Check Point's security research team wrote in the blog.
"The deception was far reaching in its disruption to the user," Check Point noted, “despite the vast investment Google has recently made in the security of their App Store, 'LightsOut' reminds us once again that users need to be wary of downloading from App Stores," Check Point noted this week. "Many users are still unaware of the dangers lurking for them, and continue to install apps such as fishy flashlights."
Image Credit: Alok Sharma / Pexels