56 Android Apps Hijack Devices, Drain Battery

Security researchers have warned of 56 infected Android apps that could compromise performance. They've been deleted from the Google Play Store, but could still be on users' phones and tablets.

According to Check Point, the apps contain malware designed to hijack phones and simulate user actions to click on ads. That could run down batteries and eat into mobile data allowances. (Source: checkpoint.com)

The 56 apps include 24 supposedly aimed at children, and 32 which offer simple utilities. They all work as designed: the problem is what's happening in the background. (Source: express.co.uk)

Motion Capture Is Hijacked

The malware, dubbed Tekya, takes advantage of an Android feature added last year called MotionEvent.

It's designed as a way to better track movement, for example when a user swipes a finger or uses a stylus on the screen. The malware instead hijacks this process to falsely report "movement" and give the impression the user has not only seen ads, but has clicked on them.

The scammers behind the malware use this bogus info to claim royalties from advertisers for the supposed user views and clicks on website advertisements. In some cases, the fake clicks are designed to simulate a user that ends up on a checkout page. These types of fake clicks mean bigger royalties, because the supposed "customer" has converted into a potential purchaser of a product and is therefore more valuable to advertisers.

In most cases, the device's actual owner won't see any of this activity as it will be displayed in a window that's behind the main display. The only way they'll realize something is amiss is when their device gets hot, runs out of battery quickly, or has unexpectedly high Internet use.

Play Store Security Checks Fail

The real concern is that these apps all got past Google's security checks. It appears the scammers were able to obfuscate the malicious programming code so that it couldn't be properly read by automated scans looking for suspicious or known malicious instructions.

The apps have all since been removed from the Google Play Store - however, installed copies will remain on devices until users remove them.

The full list of apps include:

• 24h Translate
• Amazingkitchen
• Aquawar
• Armeasure Translate
• Arplanner Sketchplan
• Arsketch Quickplan
• Artech Helpful
• Best Translate
• Best Translate Tool
• Bestcalculate Multifunction
• Besttranslate
• Biscuit
• Biscuitent
• Breaktower
• Burningman
• Calculatepro
• Carstiny
• Cooking
• Delicious Recipes
• Digiv Weather Radar
• Dressup
• Fastdownloader
• Folding Blocks Origami Mandala
• Fortuneteller Tarotreading Horo
• Goldencat Hillracing
• Happycooking
• Hexadom
• Hexamaster
• Ichinyan Fashion
• Imgdownloader
• Instant Translate
• Jewel Block Puzzle2019
• Letmego
• Littlefarm
• Livetranslate
• Magic Cuble Blast Puzzle
• Major Cookingstar
• Major Zombie
• Mcmc Ebook Reader
• Mcmccalculator Free
• Michimocho Video Downloader
• Multi Translate Threeinone
• Pro Translator
• Raceinspace Astronaut
• Smart Language Translate
• Smart Tools Pro
• Snap Translate
• Spaceship
• Splashio
• Stickman Runner Parkour
• Stickman Warrior
• Swift Jungle Translate
• Tapsmore Challenge
• Titan Block Flip
• Titan Translator
• Titanyan Igsaver
• Translate
• Translator
• Travel Map
• Twmedia Downloader
• Unblock Car Puzzle
• Wego Translate
• Withu Translate
• Yummily Healthy Recipes

What's Your Opinion?

Do you trust Google to vet apps properly? Have you noticed unusual battery drain after installing a new app? Should Google develop a way to warn people when they have an app installed that has since been removed from the Play Store?