British cybersecurity and hardware company SophosLabs has discovered a new type of ad-based Android malware strain called Andr/HiddnAd-AJ, which has infiltrated the Google Play Store disguised as QR code scanners and compass apps.
The malware, which was first reported by the company in a recent blog post, contains malicious code hidden within the Android programming library. What makes the malware so elusive is the fact that the code doesn’t start working until 6 hours of installing the app.
Once the malware infects an Android device it serves the user with a stream of ads, thereby generating ad revenue for the developer. SophosLabs alerted Google about the malware and the offending apps have since been removed from the Play Store. However, it’s worth noting that the malware-laden apps were download over 500,000 times before the listings were removed. In order to prevent such malware from infecting your device, SophosLabs recommends its own Sophos Mobile Security app which is capable of detecting and removing the malware laden apps.
Additionally, SophosLabs also points out that even though Google’s “app vetting process is far from perfect” users should still stick to the Play Store for their app downloads as it’s much safer than third-party app stores that don’t have a rigorous security protocol.