Up to 150 million people using the SimBad adware for android on the Google Play Store facing a malware attack. With Android Q, those apps would have to present themselves as keyboards, something that isn't entirely convenient for both users and developers.
Several other apps matched those figures too with dozens more being download at least one million times, including some that weren't simulation games at all.
AV-Comparatives said, most Android antivirus apps were phoney, and many of them seemed to have been created only to display ads or promote a developer's career. It might have been harder to detect and stop because of that, as the infected apps are safe and legitimate if it weren't for the adware that managed to sneak past, not to mention that it wasn't out to steal personal data of users.
It advised that if you want to make sure you are protecting your Android device adequately, stick to apps from well-known antivirus companies.
According to the company, while location data can be imperative to giving users recommendations based on where they are, it is also a very sensitive type of personal user information.
Of the 250 apps tested, only 80 detected over 30% of the malware they encountered during individual tests, which were not particularly complicated (the researchers installed the antivirus and then automated the device to open a browser, download a malicious app and install it). Some security apps couldn't run on Oreo; for those, AV Comparatives used Android 6.01 running on a Nexus 5 instead. Therefore, the new 14.0.28 APK update introduces a handful of software tweaks which boost the overall performances of the Google Play Store.
There can be risks in using whitelists. Check Point also published a list containing the tainted apps showing package name, the app name and number of installations.
An investigation by cybersecurity firm AV-Comparatives found many offerings don't work as intended, some don't even try to work as intended, and some are there just for the opposite effect - to bombard the user with ads and malvertising. This tactic is common amongst Android malware, and this one is not an exception. Discovered by Check Point, the SimBad adware affected 206 apps listed on Goole Play, all of which have now been reportedly removed after Google was notified about the same. In those days, researchers often found malware purporting to be anti-virus applications.