A hidden ad plugin present in 238 Android apps has been uncovered by security experts. Researchers from security firm Lookout came across this malicious plugin in these apps which were collectively downloaded over 440 million times. Known as ‘BeiTaPlugin’, the adware was highly obfuscated to cloak itself in the apps.
Upon notifying Google, the tech giant has removed the plugin from all the affected apps.
Devices rendered inoperable
In a blog, Kristina Balaam, Security Intelligence Engineer at Lookout, described how the plugin made devices almost inoperable. “While out-of-app ads are not particularly novel, those served by this plugin render the phones nearly unusable. Users have reported being unable to answer calls or interact with other apps, due to the persistent and pervasive nature of the ads displayed,” wrote Balaam.
“These ads do not immediately bombard the user once the offending application is installed, but become visible at least 24 hours after the application is launched,” Balaam further added.