At duration of 2018, about 440 million users Android downloaded and installed apps from official Google Play Stores that contained a library that displayed aggressive ads outside of applications.
This promotional library, called BeiTaPlugin, was found embedded in 238 applications, according to Kristina Balaam, a Lookout Security technician.
Balaam reports that the Lookout company informed Google about the behavior of that particular library and that Google in turn informed all application developers who used it in their applications.
"As of May 23, 2019, most of the 230 apps that were on Google Play have been removed or updated to new releases without the BeiTa add-on," Balaam said.
Sometime in February and March, app users who used BeiTaPlugin started noticing too many ads and pop-ups popping out of apps, blocking access to the app. screen and phone functions.
"Users reported that they could not answer calls or open other applications due to the nature of the ads being displayed."
BeiTaPlugin's developers seem to have known exactly this behavior and tried to hide the aggressive advertising practices of the SDK.
They delayed the display of ads and pop-ups for the first 24 hours after opening the infected application on any Android device. So it was quite difficult for a user to locate the source of the ads.
Balaam also released a list of 238 Android applications that were once using BeiTaPlugin code.
______________
- Turla durable tools bypass detection mechanisms
- Google Automatically delete Web & App Activity data
- Google Chrome 75 has just been released with hidden Reader Mode
- Microsoft Exchange email hijacking tool is released online
- Silk Road 2 manager's collaboration with the FBI