Thomson Reuters
- 22 flashlight and utility apps in Google Play were found to carry malicious adware.
- The adware, dubbed LightsOut by security researchers, would spam Android phones with illegal advertisements, whether or not the app was in use.
- Google Play has since removed all 22 apps.
Many security advocates tell Android users to only download apps from Google Play, the official store that Google operates for Android apps, in order to avoid viruses and spam. But even Google Play can fall victim to malicious code.
Security researchers at the cybersecurity software company Check Point discovered a new adware, dubbed "LightsOut," hiding in 22 different flashlight and utility apps on Google Play, according to a new report released by the company on Friday. Check Point estimates that the adware affected between 1.5 million and 7.5 million downloads.
The apps have since been removed from Google Play, according to Check Point. Google did not respond to a request for comment.
Much like pop-up ads of the 1990's, LightsOut triggers ads on a user's phone, even when the user isn't in the app. These ads can be triggered by anything from a wi-fi connection, the end of a call, the plugging in of a charger, or locking of a screen, and continue to follow users even when they disable ads within the apps.
Some users with the adware said they were "forced to press on ads to answer calls and perform other activities on their device." according to Check Point. One user also reported seeing the ads after he had purchased an ad-free version of the app.
While this type of adware is an illegal method of generating ad revenues, it's not technically a virus, according to Check Point. The difference is that viruses self-replicate, whereas adware lives inside of the code for specific apps, and goes away once the app is deleted.
The Next Smartphone by the BI Intelligence Research Team.
Get the Slide Deck Now »