Google Play has removed apps with more than 20 million downloads
According to a source, Google Play has eliminated apps that had more than 20 million downloads because they consumed an excessive amount of mobile data and drained the batteries of their users’ devices. According to a report published by McAfee, the company discovered a new strain of the Clicker virus that has infiltrated Google Play. It has been determined that the malicious payload was present in a total of 16 applications that were formerly available on Google Play. It is estimated that these applications had a total of 20 million installations.
Once the application is opened, it downloads its remote configuration by executing an HTTP request. “After the configuration is downloaded, it registers the FCM (Firebase Cloud Messaging) listener to receive push messages,” McAfee wrote in a blog post.
“At first glance, it seems like well-made Android software. However, it is hiding ad fraud features behind, armed with remote configuration and FCM techniques,” it added.
Security researchers reported their findings to Google, who informed them that none of the apps in question are currently available through Google Play. Users are additionally guarded by Google Play Protect, which prevents these apps from being installed on Android devices. The malicious code was discovered in applications that are considered to be useful utilities, such as Flashlight (Torch), QR readers, Cameras, Unit converters, and Task managers. The FCM message contains multiple categories of information, one of which is the function to call as well as the parameters for that function.