Have you ever received messages like -
!!! URGENT !!!
Your phone may be slow! Click OK and follow the instructions to fix your Internet !
Software Update Notification. Your Google Nexus 5 Launcher is obsolete! If you do not upgrade to the latest version, your system will slow down and can crash from time to time! Tap the button and install ZERO Launcher Updater. Size: 1MB (only 3-4 seconds to download)
If yes, you might have fallen foul of a spate of your apps that have managed to make their way into the official Google Play store, despite secretly harboring a malicious advertising SDK within their code.
A blog post published by Avast Researcher Filip Chytry states that over 5-10 million Android Devices installed Durak Card Game, which is one the affected Android apps. Specialty about the bug is that it takes a week’s time before getting activated, thus making it harder for the user to identify the responsible app which cause the above-mentioned irritating messages!
Even though you are not a security-savvy person and these pop-ups do not bother or irritate you as much, you might consider it as a warning. It is a potential convincing social engineering trick which makes a user the app on the phone which leads to potential threats to the phone.
In Mankevich’s opinion, these SDK also contain codes which make them able to create new short cuts, hack into the user’s browsing data, desktop, and can possibly make alterations to the system settings.
Even though these messages may sometimes lead us to a “claimed-to-be” better versions of other genuine apps, for example, Opera Mini, we must know that it could be harmful, and just another way to earn some cash.
Although Google Play Store has removed these offending apps from the server, it’s an easy guess around the number of apps that might be lurking in Google’s official Android app store that have similarly unpleasant surprises waiting inside them!