Quote:More than two dozen malicious Android applications with over 2.1 million installs in total were observed by security researchers while displaying aggressive full-screen ads after downloading configuration files.
The 25 apps were found in the Play Store during late-August and, while immediately after being installed they did not exhibit any malicious behavior, the apps will subsequently download malware configuration files that would switch on their 'evil' mode.
These will tell the bundled malware components to enable modules designed to hide the apps' icons and to start displaying ads that will allow the malware developers to earn money using the infected Android devices.
All the 25 apps—camouflaged as fashion and photo utilities—were removed after being reported to Google on September 2, after successfully landing on the Play Store by making sure that the malicious functions were not hardcoded in the APKs (Android Package Kits) submitted for review.
"Instead, the switch is controlled remotely via the downloaded configuration file, allowing the malware developer to evade Google Play’s rigorous security testing," says Symantec's Threat Intelligence team who discovered the apps.
Read more here: https://www.bleepingcomputer.com/news/se...-commands/
![[-]](https://www.geeks.fyi/images/collapse.png)
