Security News > 2022 > October > Android adware apps in Google Play downloaded over 20 million times

Security researchers at McAfee have discovered a set of 16 malicious clicker apps that managed to sneak into Google Play, the official app store for Android.
Clicker apps are a special category of adware that loads ads in invisible frames or in the background and clicks them to generate revenue for their operators.
All 16 apps have been removed from Google Play after McAfee reported them.
The apps download their configuration from a remote location via an HTTP request and register an FCM listener to receive push messages.
McAfee analysts say that the liveposting SDK can operate on its own, too, possibly to create only ad impressions, but recent versions of the apps feature both libraries.
Some ways to discover if apps of this kind are present on the device, users should check battery and internet usage.
News URL
Related news
- New North Korean Android spyware slips onto Google Play (source)
- Malicious Android 'Vapor' apps on Google Play installed 60 million times (source)
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- How Google tracks Android device users before they've even opened an app (source)
- Google fixes Android zero-day exploited by Serbian authorities (source)
- Google expands Android AI scam detection to more Pixel devices (source)
- Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud (source)
- Google Gemini's Astra (screen sharing) rolls out on Android for some users (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)