The Google Play Store has made some impressive strides over the years in terms of security, but it’s still home to some questionable apps. Now, new research has revealed that over 200 popular Play Store apps are affected by rogue adware dubbed SimBad.
SimBad was discovered by security firm Checkpoint Research (h/t: Android Police) and is named as such due to the fact that many affected apps are simulator games. Checkpoint also confirmed that the 206 affected apps, which have since been removed from the Play Store, totalled almost 150 million combined downloads.
Some of the more popular affected apps include Snow Heavy Excavator Simulator (10 million downloads), Hoverboard Racing (five million downloads), and Real Tractor Farming Simulator (five million downloads). But other culprits include volume-boosting apps, photo editors, and live wallpapers.
What does SimBad do?
The security company said the adware was found within an ad-related SDK provided by an entity called addroider. But Checkpoint believes the app developers were “scammed” into using this SDK and may have been unaware of its content.
Checkpoint says that once a SimBad-enabled app is installed, the adware connects to command and control servers for further actions. The firm says SimBad is capable of opening phishing URLs in your browser, specific Play Store or app market pages (giving exposure to other sketchy apps), and even remotely installing apps.
The security company says SimBad works like adware right now, but adds that it “already has the infrastructure to evolve into a much larger threat.”
Google has stepped up its fight against sketchy apps in recent years, noting that it flagged over one million apps to date for pre-release security concerns. The platform-holder also said app store rejections and suspensions were up 55 percent and 66 percent respectively in 2018. But as this latest news shows, there’s always room for improvement.