Android malware hidden in QR code apps infects 1 million users

A new strain of Android malware is said to have infected at least a million users while hidden inside seemingly harmless apps.

Six QR readers and a smart compass app contained the malicious code, which initially went undetected by Google’s Play Store security checks. The apps were downloaded more than 500,000 times before Google pulled them.

The malware, called Andr/HiddnAd-AJ, was discovered by researchers at SophosLabs who published an article about their findings last week (via ZDNet). The code lies dormant on devices until six hours after installation when it bombards affected devices with ads and notifications; it’s intended to generate ad revenue clicks for the perpetrators.

SophosLabs

SophosLabs didn’t provide names for the seven apps responsible but you can see four of them in the image above. If you suspect one of your apps contains the malware, you can try reinstalling it—if you’re able to, you’re in the clear, since Google has removed the offending apps from the Play Store. Google’s Play Protect scanning feature may have already notified you of the problem also.

The Google Play Store is home to more than 3.5 million apps and features a robust security system. This helped Google remove 39 million potentially harmful apps from the store in 2017, while the company also has an ongoing rewards scheme for those who discover vulnerabilities there. It remains the safest place to download Android apps and games, though it isn’t foolproof, as we’ve seen problematic content slips through the cracks from time-to-time.

For some tips on staying secure with Android, hit the link, and give us your thoughts on the latest news in the comments.