These malicious Android apps were installed over 60 million times - here's how to stay safe

News
By published

Bitdefender uncovers a large-scale Android ad fraud campaign

An Android phone being held in the hand
(Image credit: Shutterstock / mindea)
  • Bitdefender found more than 300 Android apps used to display unwanted ads
  • Almost all apps have so far been removed from the Play Store
  • Some of the apps even tried to steal sensitive data

Hundreds of Android applications, installed millions of times from the Google Play Store, were part of a large-scale ad fraud campaign that displayed unwanted ads and tried to steal sensitive data from the victims, experts have warned.

Cybersecurity researchers from Bitdefender, who also credited IAS Threat Lab, said they discovered at least 331 apps that were available via the Google Play Store which, cumulatively, amassed more than 60 million downloads, mostly on older Android variants (Android 13 and older).

The apps were mimicking simple utility apps such as QR scanners, expense tracking apps, health apps, wallpaper apps, and others.

Protecting your Android phone

Most applications first became active on Google Play in Q3 2024, and by the time Bitdefender’s research completed, only 15 remained active. The vast majority of victims are located in Brazil, followed by the US, Mexico, Turkey, and South Korea.

When the victims downloaded one of the apps, they first hide their icons from the launcher (something that’s only possible on older versions of Android). The apps retained “some functionality”, but they are able to show out-of-context ads over other applications in the foreground. Some try to gather user credentials, credit card data, and other information.

Some apps can even start without user interaction, something that shouldn’t be possible even on Android 13.

While eventually all of the apps will be removed from the Play Store, people who have them installed on their devices remain at risk. If your Android smartphone is acting strange (lagging, displaying ads over different ads, overheating, spending data while idle), make sure to remove any unwanted apps, or those that you aren’t actively using.

Furthermore, if possible, make sure to use the latest version of Android. At the moment, that is Android 15, with the next iteration scheduled for later in 2025.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Read more
In this photo illustration a Google Play logo seen displayed on a smartphone.
Over 2 million risky Android apps were blocked from the Play Store last year
mobile phone
Popular Android financial help app is actually dangerous malware
In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
Android phone malware
Screen reading malware found in iOS app stores for first time - and it might steal your cryptocurrency
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
App stores are increasingly becoming a major security worry
Malware worm
Coordinated global mobile malware campaign targets banking apps and cryptocurrency platforms
Latest in Security
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
ransomware avast
Billions of credentials were stolen from businesses around the world in 2024
ID theft
Hackers claim Orange attack, threaten to leak 1TB of data
A computer file surrounded by red laser beams
Free online file converters could infect your PC with malware, FBI warns
Close up of a person touching an email icon.
Criminals are using CSS to get around filters and track email usage
DeepSeek on a mobile phone
More US government departments ban controversial AI model DeepSeek
Latest in News
Adobe AI agents
Adobe launches 10 new AI agents to automate key marketing workflows
Windows 10
Microsoft gets into the spam game by again emailing Windows 10 users to prod them to upgrade to Windows 11 – is the nagging going too far now?
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Leaked Galaxy S25 Edge pricing gives us a clearer idea of how the super-slim phone will fit into Samsung's lineup
Samsung Galaxy Z Flip 6 in blue
The Samsung Galaxy Z Flip SE may launch months after the Galaxy Z Flip 7
ransomware avast
Billions of credentials were stolen from businesses around the world in 2024
More about security
ransomware avast

Billions of credentials were stolen from businesses around the world in 2024
ID theft

Hackers claim Orange attack, threaten to leak 1TB of data
Windows 10

Microsoft gets into the spam game by again emailing Windows 10 users to prod them to upgrade to Windows 11 – is the nagging going too far now?
See more latest
Most Popular
Windows 10
Microsoft gets into the spam game by again emailing Windows 10 users to prod them to upgrade to Windows 11 – is the nagging going too far now?
Adobe AI agents
Adobe launches 10 new AI agents to automate key marketing workflows
Xbox Adaptive Joystick
The Xbox Adaptive Joystick has arrived, and you can buy it now exclusively at the Microsoft Store
Nvidia GTC 2025
Nvidia, Google, and Disney's AI-powered Star Wars robot is absolutely the droid I've been looking for
Frank Castle holding Matt Murdock against a locker in Daredevil: Born Again episode 4
Daredevil: Born Again episode 4 ending explained: who is Muse, what does Sic Semper Systema mean, who is Adam, and more big Marvel questions answered
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
Leaked Galaxy S25 Edge pricing gives us a clearer idea of how the super-slim phone will fit into Samsung's lineup
Samsung Galaxy Z Flip 6 in blue
The Samsung Galaxy Z Flip SE may launch months after the Galaxy Z Flip 7
ransomware avast
Billions of credentials were stolen from businesses around the world in 2024
Google Pixel 9 front and back
Leaked Google Pixel 9a promo materials reveal almost everything – and a launch could be just hours away
iPhone 12
The iPhone 17 Air could come with a key charging benefit, new leak claims