Google removed 85 photography and gaming apps from its Google Play store after it emerged that they had been part of a fraudulent ad scheme.
More than eight million Android users had downloaded the apps which showed ads that were hard to skip, according to cybersecurity firm Trend Micro which alerted Google to the issue.
Losses to digital ad fraud on mobile and desktop platforms are estimated between $5.8 and $42 billion.
The company said that the adware employed “unique techniques to evade detection through user behaviour and time-based triggers.”
After an app launches, the adware then checks for a device’s current time and registers a broadcast receiver which lets it monitor if a user is present. This lets it avoid detection. It then shows adverts once a user unlocks their device.
Ads were up to five minutes long and apps were difficult to delete because the adware created shortcuts in the background of the device.
However, there are ways to restrict shortcut creation on newer Samsung Android devices. Android 8.0 and newer versions also ask for confirmation before an app is allowed to create a shortcut.
Trend Micro advises that users install the Mobile Security for Android app which blocks malicious apps. The company provides a similar solution for businesses (Mobile Security for Enterprise), which prevents unauthorised access to apps and blocks malware.