Normally, Google's robust series of checks and audits are pretty good at catching malicious code and preventing it from making its way to the Play Store. Sometimes, however, something slips through anyway despite the company's best efforts. This latest one is particularly bad.
Researchers from Check Point have identified a new strain of malware called "AdultSwine" lurking in more than sixty gaming apps on the Play Store. Each of these apps has been downloaded between 3 million and 7 million times, which gives us approximately 150 million infected devices.
As the name suggests, the malware primarily displays ads from the web that are of an adult nature, and often overtly pornographic. It also attempts to trick unsuspecting users into installing additional malware that masquerades as "security apps."
An analysis of the code reveals it to be highly flexible, allowing the authors to easily begin collecting all kinds of information about the owner of any infected device. This makes identity theft a real possibility if the hackers were inclined to do so.
The most disturbing element of all this is that the malware seems heavily focused on apps and games designed for children. So if you're a parent, it pays to check the apps that are installed on your child's phone. What seems at first glance to be a harmless game could actually be displaying pornographic advertising while they're playing.
The Check Point researchers had this to say about the discovery:
"Although for now this malicious app seems to be a nasty nuisance, and most certainly damaging on both an emotional and financial level, it nevertheless also has a potentially much wider range of malicious activities that it can pursue, all relying on the same common concept. Indeed, these plots continue to be effective even today, especially when they originate in apps downloaded from trusted sources such as Google Play."
Just to be safe, double check the apps on your child's phone!