Did you know that there were just over 500 apps removed from Google Play Store? That is quite a lot of apps to be removed from Google Play Store all at once. While Google Play Store is known for being one of the best places for Android apps, there was a new threat that was found by Lookout. This threat included over 500 apps having vulnerabilities. Read on to learn about the 500 apps removed from Google Play Store and what exactly caused this huge removal to take place.
Apps Removed From Google Play Store Due to Spyware Concerns
We wanted to tell you if you have an Android device about the 500 apps removed from Google Play Store. These apps were removed due to the vulnerabilities that could lead to spyware being installed on your Android device. The vulnerabilities in these 500 apps removed from Google Play Store were found in the advertising software of the apps. If these vulnerabilities in the advertisements were exploited, then it could lead to someone installing spyware onto your Android device without you ever knowing.
The apps removed from Google Play Store came after researchers with Lookout found an SDK that was causing the potential spyware issues. Lookout is a mobile security firm and the company was able to find out that over 500 apps in Google Play Store had used the SDK that was creating the vulnerabilities. For those of you who are not as savvy with mobile devices, an SDK is a software development kit. A lot of mobile app developers use specific SDKs in order to perform various advertisement services.
Apps Removed from Google Play After SDK Vulnerability Found
To go into even more details about this particular SDK, we do know what Lookout found that made the mobile security firm immediately contact Google to alert the company of the news. In this case, Lookout found that it was the Igexin SDK that was leading to the vulnerabilities that could allow a hacker to put malware onto your Android device.
Igexin was developed over in China and was made specifically to perform these targeted advertisements. Once Lookout started researching the Igexin SDK a little more, the mobile security firm found that it was present in over 500 apps that were found on Google Play Store.
While Lookout did not say which apps had the Igexin advertising software installed, it did say that there was one specific game that was super popular which contained this vulnerability. In this instance, Lookout said that this particular game had over 100 million downloads and it was a game targeted towards teenagers. Other notable categories of apps removed from Google Play that contained the vulnerability included a photo editing app which had been downloaded about five million times.
More Details About Apps Removed Over Security Concerns
A weather app that was downloaded over five million times also was in the list, as well as an internet radio app which had over one million downloads. Lookout also said that apps that were in travel, fitness, education, and health were also found to have the specific SDK vulnerability as well. As you can see, the Igexin SDK was found in hundreds of apps all through the categories on Google Play Store.
That most likely is because Igexin is a particular SDK that allows app makers to generate revenue through those targeted advertisements. Certain apps were more likely to use the Igexin SDK over other types of apps, although it is definitely one of the bigger advertising services out there.
In order to generate the revenue for the app maker, this SDK would collect various user information and data. Collecting this information is what allowed the targeting advertisements to occur, with browsing history and interests being a couple of pieces of information that the service collected.
What Igexin SDK Could Do to Infected Devices
That is not all Igexin could do though, although the SDK creators did not know about just what all Igexin could potentially do to an Android user. Neither the apps that used the SDK nor the creator of the SDK knew that attackers ended up taking control over the servers.
This led to malware being delivered to various devices, and from there the attackers could gain all of the user information from the Android device. Since both the SDK developers and the app developers did not know about this SDK being taken over by attackers, it was able to sneak into Google Play Store.
This also means that both the app developers and the SDK developers were left in the dark about the potential vulnerabilities of the SDK and how it could be used nefariously. Thus, that is why we just saw over 500 apps removed from Google Play Store. Typically speaking, the apps removed from Google Play Store are small in numbers because it is the app developer often times behind the attacks or malware.
The good news here is that Google quickly removed all of the apps from Google Play Store, although that might not help if you had already downloaded one of the 500 apps. You should definitely be running anti-virus and anti-malware on your Android device to ensure you are not downloading or using an infected app.