Security researchers at Sophos have found a manipulative strain of adware in the Google Play Store that attempts to avoid removal by hiding its own icon in the launcher, or by disguising itself as a legitimate system app.
The researchers found 15 apps in the Play Store that serve no purpose other than to display intrusive ads, and are unusually difficult to uninstall – and there may still be more undiscovered.
One such app, Flash On Calls & Messages (aka Free Calls & Messages), displays a fake error message when launched, claiming that it’s incompatible with your device. The app then directs you to the Google Play Store entry for Google Maps, to trick you into thinking that was the cause of the ‘crash’.
You’ll have a hard time uninstalling the malicious app because it hides its own icon. Sophos has identified similar apps that appear on your phone’s App Settings page, but with a name and icon that make them look like a harmless system app.
How to uninstall the adware
TechRadar asked Sophos how Android users can avoid falling victim to this kind of adware, and what you can do if you’ve installed a malicious app that you can’t remove.
“While these apps have been removed from the Google Play Store, there may be others we haven’t yet discovered that do the same thing,” Andrew Brandt, principal researcher for Sophos, told us.
“If you suspect that an app you recently installed is hiding its icon in the app tray, tap Settings (the gear menu) and then Apps & Notifications. The most recently opened apps appear in a list at the top of this page.”
“If any of those apps use the generic Android icon (which looks like a little greenish-blue Android silhouette) and have generic-sounding names (‘Back Up,’ ‘Update,’ ‘Time Zone Service’) tap the generic icon and then tap ‘Force Stop’ followed by ‘Uninstall.’ A real system app will have a button named ‘Disable’ instead of ‘Uninstall’ and you don’t need to bother disabling it.”
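The same check can be run from a computer over adb. The script below is an added example, not from Sophos or TechRadar: it lists user-installed packages that expose no launcher icon. The package names are constructed samples, and the layout of the `query-activities --brief` output is an assumption that may vary between Android versions.

```shell
#!/bin/sh
# Added example: shortlist user-installed Android apps that have no launcher icon.

# hidden_user_apps PKG_LIST LAUNCHER_LIST
#   PKG_LIST:      "package:<name>" lines, as printed by `pm list packages -3`
#   LAUNCHER_LIST: lines of the form "<package>/<activity>", as printed by
#                  `cmd package query-activities --brief` (assumed layout)
# Prints each user-installed package that has no launcher activity.
hidden_user_apps() {
    # Package part of every "<package>/<activity>" line; other lines are skipped.
    launchable=$(printf '%s\n' "$2" | tr -d '\r' |
        sed -n 's|^[[:space:]]*\([A-Za-z0-9_.]*\)/.*|\1|p' | sort -u)
    printf '%s\n' "$1" | tr -d '\r' | sed -n 's/^package://p' | sort -u |
    while IFS= read -r pkg; do
        [ -n "$pkg" ] || continue
        # Exact, whole-line match so "com.a" never matches "com.a.b".
        printf '%s\n' "$launchable" | grep -qxF -- "$pkg" || printf '%s\n' "$pkg"
    done
}

# Run against a connected device (USB debugging enabled). Not called here.
live_triage() {
    pkgs=$(adb shell pm list packages -3)   # -3: third-party (non-system) packages
    launchers=$(adb shell cmd package query-activities --brief \
        -a android.intent.action.MAIN -c android.intent.category.LAUNCHER)
    hidden_user_apps "$pkgs" "$launchers"
}

# Constructed sample input so the script runs offline.
SAMPLE_PKGS='package:com.example.notes
package:com.example.update.service
package:com.example.game'
SAMPLE_LAUNCHERS='2 activities found:
  priority=0 preferredOrder=0 match=0x108000 specificIndex=-1 isDefault=true
  com.example.notes/.MainActivity
  priority=0 preferredOrder=0 match=0x108000 specificIndex=-1 isDefault=true
  com.example.game/com.example.game.StartActivity'

hidden_user_apps "$SAMPLE_PKGS" "$SAMPLE_LAUNCHERS"
```

Keyboards, widgets and other legitimate apps also ship without a launcher icon, so the output is a shortlist to review by name in Settings, not a verdict.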
When it comes to avoiding these malicious apps, Brandt recommends taking time to read the reviews before installing anything new, and being careful which ratings you trust.
“To stay safe when downloading apps from the Google Play Store, users are advised to read reviews and sort them by most recent and filter out the positive four and five star reviews with no written text,” he says. “If several reviews mention specific undesirable behavior, it’s likely best to avoid that particular app.”
And what can you do if you think you’ve found such an app in the Play Store? “Endpoint security solutions – like Sophos Mobile Security, for example – protect users from these stealthily deceptive apps,” says Brandt. “Users can also report malicious apps by emailing the Google Play security team at firstname.lastname@example.org.”