Critical Android malware warning issued as up to 8 million devices infected

Android malware
(Image credit: Shutterstock)

Another day, another Android malware scare – and this might be the most one worrying yet. 

Security researchers at ESET have revealed details of an extensive adware offensive that has successfully targeted Google's mobile platform to the tune of 8 million downloads.

Dating back to July 2018 and dubbed the 'Android/AdDisplay.Ashas' campaign, its heartbeat is a collection of 42 apps that promise useful functionality such as video downloading and radio streaming – or disguise themselves as games.

Once installed, though, the programs change shape and plague the host device with ads that appear as a full-screen activity – a major nuisance to the user that also drains battery life and can sneakily access personal information.

'Several tricks for stealth and persistance'

This newly unearthed strain of Android malware is particularly menacing because of the numerous ways it's capable of avoiding detection.

After being downloaded, the apps serving as a front for the adware work just as you'd expect them to, but they operate a time delay before entering adware mode so as to avoid being flagged by Google's security boffins.

Not only that, they hide their home screen icon and replace it with a shortcut so as to avoid permanent deletion by the user – and can mask their identity as Google or Facebook if you try and get to the source of the ads.

"The Ashas adware family has its code hidden under the package name. This trick – posing as a part of a legitimate Google service – may help avoid scrutiny," writes ESET's Lukas Stefanko.

Uninstall today – and take care in future

android malware apps

Full list of these apps at the end of the article (Image credit: ESET)

Android users should check their device right away and delete any offending apps they might have installed right away – the first 21 discovered by ESET are pictured above for reference.

All of the apps flagged by the security firm have since been removed from the Play Store – they are still available as third-party downloads – once again highlighting the importance of only downloading apps from official outlets.

As part of its investigation, ESET uncovered the developer behind the nefarious software and notes that they also list apps in the Apple App Store, so iOS users should be equally vigilant. 

In addition, mobile users might want to take a serious look at the best antivirus software, most if not all of which offer companion apps for Android and iOS that screen potential downloads for unwanted nasties.

If you don't want to pay for full-fat security, do remember to read app store reviews at the very least, before installing anything to your device.

Malware typically gets noticed sooner rather than later, so it's is a free way to see if the app you want to download is hiding something unpleasant. However, just checking ratings is no guarantee of safety. Several apps on this list had more than one thousand reviews with high ratings. For example, Ringtone Maker Pro had more than 2000 reviews with a score of 3.9 stars, while HikeTop+ had a score of 3.6 stars from more than 1300 reviews. It's easy to think these apps would be safe with numbers like that.  

The full list of the discovered apps can be found below. If you have installed any of these delete them if you can and scan your phone with a reputable malware or antivirus program.

  • Smart Gallery - by Uranium
  • Savelnsta - by Uranium
  • Flat Music Player - by Uranium
  • Mini lite for facebook - by HIEN-DEV
  • Free Radio FM Online - by Juke Studio
  • Free Video Downloader - by DINH VIET HUNG
  • Ringtone Maker Pro - by DINH VIET HUNG
  • Free social video downloader - by Mini Apps VN
  • File Downloader for Insta - by Carmen D. Adkins
  • Water Drink Reminder - by Carmen D. Adkins
  • Smart Notes for You - by Carmen D. Adkins
  • HikeTop+ - Become Popular in IG - by Claure Apps
  • DU Recorder - Screen Recorder - by Claure Apps
  • Tank classic - Super battle tank - by mrtcorp
  • Heroes Jump - by JJDO TK
  • Solucionario de Álgebra de Baldor - by CarlosGApps
  • Ringtone Maker 2019 - by CarlosGApps
  • Video downloader master - by TYPHU TEAM
  • Basketball Perfect Shot - by JJDO TK
  • Mp4 video downloader - by Tiler Hember
  • Free Top Video Downloader - by THELT

More internet security links:

James Laird

A technology journalist with nearly 10 years of experience, James is the former News and Features Editor at Trusted Reviews, and has also served as regional Editor of Lifehacker. His articles have been spotted on sites ranging from The Sun to InStyle, but his true love is shiny things and the story behind them. An avid golfer in his spare time, you'll also regularly catch him hovering over the BBQ listening to Pearl Jam.