Our experts found seven rogue adware apps that were available on the Google Play Store and Apple App Store. antivirus software In total, these applications have been downloaded more than 2,400,000 times and have brought their owners more than $ 500,000 (about 38 million rubles). Apps were rated low, ranging from 1.3 to 3.0.
The discovery came from a teenager who followed our Czech project Avast Be Safe Online, which teaches kids how to stay safe online. The girl drew attention to the TikTok account that promoted the suspicious application and informed us about it.
The programs pretended to be entertainment apps such as games (Shock Friends), wallpaper apps, and music players. At the same time, they constantly displayed ads or charged users from 2 to 10 US dollars (from 150 to 750 rubles). Some of the applications turned out to be Trojans of the Hidden Ads family . They disguise themselves as safe and useful applications, but in fact they simply flood the user with intrusive ads. They often hide their app icon to make it difficult for smartphone owners to identify the source of the ad.
We thank the girl who informed us about the suspicious TikTok profile, her awareness and responsibility is a good example of the conscientiousness that we all need to exercise in order to make the online safer. The apps we detected are fraudulent. They violate Google and Apple policies by either misleading when describing app functions, or displaying intrusive ads outside of the app and hiding the original app icon shortly after installing it.
We are particularly concerned that apps are being promoted on social media platforms that are popular with young children. Such young users may not recognize fraud and fall for the tricks of intruders.
Promotion on TikTok
Most apps are promoted on TikTok with at least three accounts. One of them has over 300 thousand subscribers. In addition to TikTok profiles, researchers also found an Instagram account that advertises one of the apps - it has over 5,000 followers. The links in these profiles lead to iOS or Android apps, depending on which device you're linking from.
Presumably, these apps (for both iOS and Android) are developed by the same people. Avast reported them to Apple and Google, and also reported suspicious profiles on TikTok and Instagram.
How users can protect themselves
Read reviews carefully
Adware and rogue programs can be difficult to immediately recognize. They are often disguised as entertainment apps. The main signs that the application is malicious: low rating, negative reviews (already there you can see messages about intrusive ads or low functionality).
We found a few more applications that the developers of these seven programs have worked on. They also have a low rating and negative reviews, although there are also too positive, positive comments. This can also be a sign that something is wrong.
Evaluate the offer
Users need to understand what they are paying for, whether it makes sense at all to pay for such an application. Many of these apps offer basic functionality at an unreasonable price. For example, wallpapers that cost $ 8 or simple games that supposedly shock the players, but in fact just make the device vibrate. $ 8 is a large enough amount to be found for free from other developers.
Before downloading applications, users should check the permissions requested by the application and consider whether the requests are justified and make sense for the program to work. We have already written about how to configure app permissions for Android in our other article .
Android ThemeZone App - Shawky App requests access to the device's external storage, which can contain photos, videos and files. personal data fraud But access to external storage is not needed for the wallpaper app to work.
Talk to your child about online safety
It is important for parents to talk to their children about choosing which apps to download and discuss what to look out for before installing them. For example, you can introduce a rule that children must ask permission before downloading an app - this will help avoid possible unnecessary expenses.
Screenshots of apps and accounts can be found here.
Fraudulent Android Apps Detected
ThemeZone - Shawky App Free - Shock My Friends
Developer: Moteleb Inc. Rating: 1.3
Number of downloads according to Google Play: from 100 thousand. Number of downloads according to SensorTower , a mobile app marketing and analytics company : 418,000.
Income according to SensorTower: $ 15,000 (about 1,150,000 rubles)
How the application behaves:
Requests access to external storage through a fake security check screen.
Shows the user an ad for the 'Shock your friends' mini-game with a free trial button.
When you click on the free trial button, the user is taken to the payment page with a weekly subscription fee of $ 8–10 (600–750 rubles).
As soon as the user pays for the app, it turns out that its main function is the wallpaper, not the game.
The app often shows ads even after payment.
Tap Roulette ++ Shock my Friend
Developer: Go Best. Rating: 2.2
Number of downloads according to Google Play: from 1 million Number of downloads according to SensorTower: 1.7 million
How the application behaves:
The app asks for permission to display on top of other apps and then uses it to actively serve ads.
The app supposedly includes a mini-game, but in fact it just makes the phone vibrate.
As soon as the user starts playing, he activates the adware Trojan. The application hides its icon and starts actively displaying ads.
Ulimate Music Downloader - Free Download Music
Developer: Go Best. Rating: 3.2
Number of downloads according to Google Play: from 100 thousand. Number of downloads per SensorTower: 192k.
As soon as the user listens to a few songs, he activates the adware Trojan. The application hides its icon and starts actively displaying ads.
Fraudulent iOS Apps Detected personal data breach Asks for $ 8 (about 600 rubles) to allegedly scare the user's friends.The device only vibrates - it has no other interesting functions.
ThemeZone - Live Wallpapers
Developer: Abdelsatar Abdalmotaleb. Rating: 2.0
Number of downloads per SensorTower: 67k. Profit according to SensorTower: $ 246,000.
Asks for $ 2 (about 150 rubles) for wallpaper with animation.
After that, the user has to pay another 8 dollars (about 600 rubles) to get access to the VIP wallpapers.
Judging by user feedback, the backgrounds either don't work or don't match the declared ones. free social media score
Developer : Apps & Games Inc Unlimited Fun Free Games. Rating: 1.6
Number of downloads according to SensorTower: 44 thousand. Profit according to SensorTower: $ 52,000.
Asks for 5 dollars (about 380 rubles) to allegedly scare the user's friends
The device only vibrates - it has no other functions