According to the information given by a researcher, the users who installed these apps, expecting that a game with animated cars and trucks will open, were left startled after the apps began crashing each time they were launched.
What the users were not familiar with was the execution of nefarious coding inside the apps that doubled up as a conduit for a different domain registered to a developer in Istanbul. Meanwhile, the malware was being installed as the app performed the crash and after a short time the app icons were deleted, making it even harder for the users to uninstall them.
The researcher has pointed out that these apps download APKs from the same domain and make users install them on the device. However, he has noted that this activity is no longer available.
It’s not clear what the malware-laden codes do on the device as the malware scanners couldn’t find a particular objective the malware could have been instituted with, as per a sample uploaded on VirusTotal.
However, it has been found that the malware persistently stays on the phone and has full authority over the networks, which could be used as a medium to steal personal data.
Scott Westover, a Google spokesperson, released a statement addressing the latest findings and that the apps were found violating the policies. He further confirmed that the apps “have been removed from the Play Store.”
While the potential threat has been nipped in the bud, it raises a big question on Google’s credibility as a tech company that has always tried to take a stand for its approach to the apps.
Many critics and analysts have time and again lambasted Google for showing laxity to the apps in the Play store, as compared to how Apple handles apps on the App Store. Earlier this week, Apple removed many WhatsAppSticker apps after they were found having a similar design, UI, and functionality, in addition to requiring WhatsApp to run.