from the costly-freeware dept.
BBC reports that Android users are being warned that several popular apps that were on the official Google Play store appear to contain hidden code that made malicious ads pop up with one of the apps — a free version of the card game Durak — downloaded up to 10 million times, according to Google Play's own counter.
The "adware" causes spurious pop-up messages to appear that had been made to look like system notifications that say the phone is running "slow" and that the user needs to install new software to fix the problem. "You get re-directed to harmful threats on fake pages," writes Avast malware analyst Filip Chytry, "like dubious app stores and apps that attempt to send premium SMS behind your back or to apps that simply collect too much of your data for comfort while offering you no additional value."
Several people who had downloaded the Durak card game had posted warnings on Google Play as far back as November 2013, that they suspected it was forcing pop-up ads to appear. Google Play has been plagued by app problems in the past. It has previously offered titles that provide secret remote access as well as ones that are malicious advertising networks. "Phone users ultimately have to trust the operating system vendor," says Steven Murdoch, "whether that's Google or Apple [or someone else] to protect them."