Google’s Goof Up: Malware apps downloaded over 600 million times from Play Store in 2023

In a startling revelation, cybersecurity and anti-virus giant Kaspersky has disclosed that Android users downloaded malware from Google’s Play Store more than 600 million times in 2023. Despite Google’s stringent security measures, a considerable amount of malicious content has infiltrated the Play Store, posing a significant threat to Android users.

According to Kaspersky’s report, malicious developers have devised new methods to circumvent Google’s security checks, allowing them to list infected apps on the Play Store. The report highlights various types of infected content and applications that have been downloaded through the storefront, including mini-game ads collecting user data, deceptive Minecraft clones, apps promising monetary rewards, and more.

The most prevalent threat identified by Kaspersky involves suspicious apps featuring in-app mini-game ads that harvest user data, amassing over 451 million downloads. Among these, the report identified a malware named SpinOk, infecting over 100 apps on the store by presenting itself as in-app mini-games offering financial incentives while surreptitiously collecting user data.

Hidden ads in apps accounted for over 100 million downloads, while ad-laden clones of the popular game Minecraft saw over 35 million downloads. The report disclosed the presence of 38 Minecraft clones with hidden adware on the Play Store in 2023, noting the game’s immense popularity as a prime target for malicious actors.

Apps promising monetary rewards under false pretences, often posing as health and activity trackers, accumulated over 20 million downloads. Additionally, the report identified more than 40 apps, downloaded 2.5 million times, infected with background adware.

Two file manager apps, boasting a total of 1.5 million downloads, were found surreptitiously collecting user data despite claiming otherwise. These spyware apps were reportedly sending sensitive user information, including contacts, location, photos, audio, and video, to servers in China.

Kaspersky’s experts also detected Play Store apps infected with the Fleckpe subscription Trojan. Once downloaded, these apps installed a malicious payload on the user’s device, collecting country and cellular operator information. The malware then subscribed users to paid services through maliciously opened web pages.

The report further highlighted 50,000 downloads of an iRecorder screen recording app for Android, uploaded to the Play Store in 2021. The app contained malicious code that triggered the recording of smartphone microphone sound every 15 minutes, sending the data to the developers’ server. This revelation underscores the critical need for enhanced security measures on the Play Store to safeguard Android users from the escalating threat of malware downloads.