Google has removed 29 apps from the Play Store which were found filled with adware. These Android apps had over 3.5 million downloads on the Play Store.
White Ops’ Satori threat intelligence team discovered these 29 apps as part of their “CHARTREUSEBLUR” investigation. The word blur in the codename of the investigation is since most of the malicious apps were photo editing apps which had a blur feature. As for the word “chartreuse” the team just found it fun to say and that the liquor is tasty.
These Android apps were found running out-of-context (OOC) ads which are said to be used to avoid detection. After the user installs any of these apps, the launch icons would immediately disappear from the phone. This made it difficult for users to remove the malicious app from their phones.
One such app with adware was the Square Photo Blur app. The Satori team tested this app and discovered a “hollow shell of an app” which managed to pass the Play Store security checks. The app didn’t function as advertised and instead ran OOC ads on phones. Once the app was installed on the phone the launch icon disappeared and there was no “open” function on the Play Store either.
Ads that popped on up through these apps happened within intervals of only a few seconds. Also, almost every action the user performed on their phone triggered a code in the app for ads to pop-up. Some of these actions include unlocking the phone, uninstalling an app, charging the phone or even switching from mobile data to Wi-Fi. The ads pop up and occupy the whole screen of the phone. It’s not just ads though. The Square Photo Blur app even managed to launch an OOC web browser randomly.
29 Android apps have been identified with this malicious adware. But there could be more in the future. You can find the full list of apps below and uninstall them.
Auto Picture, Color Call, Square Photo Blur, Square Blur Photo, Magic Call Flash, Easy Blur, Image Blur, Auto, Photo Blur, Photo BlurMaster, Super Call, Square Blur Master, Square Blur, Smart Blur Photo, Smart Photo Blur, Super Call Flash, Smart Call Flash, Blur Photo Editor, Blur Image.
Google recently removed 11 apps from the Play Store which contained the Joker malware. These apps have been lurking around since 2017. Hackers have managed to introduce new variants of the Joker malware in Android apps. The malicious apps are no longer there but they may appear again in the future.