More than 200 apps in the Google Play Store had malicious advertising code that could cause a phone to display ads outside the app, direct users to websites and app store links, and even download new apps, according to the security firm Check Point.
Check Point says it reported the malicious apps to Google, which confirmed it has removed them from the store. Those apps had amassed nearly 150 million downloads before being removed, according to Play Store statistics.
The malicious code made it into the apps by posing as legitimate advertising software. Developers would use it thinking the code would display ads properly — albeit, frequently, Check Point notes — inside their apps. In reality, it did much more. That allowed the adware to spread widely, hidden inside a variety of different apps and games in the Play Store.
Quite a few of the most popular apps infected with the adware were simulator games, including Snow Heavy Excavator Simulator, Real Tractor Farming Simulator, Heavy Mountain Bus Simulator 2018, Hummer taxi limo simulator, Excavator Wrecking Ball Demolition Simulator, and Sea Animals Truck Transport Simulator. Check Point named the adware SimBad in reference to the glut of infected simulators.
Submitted by: Arnfried Walbrecht