This seems to be getting way too fairly common. The good news is if users have Google Protect enabled (which they would by default unless they go in and disable it), these malicious apps will be removed from their device once Google removes the offending app from Google Play. Users should follow the old advice, “if it sounds too good to be true…don’t install it” when it comes to apps. Also, check the reviews as well as the developers site before installing (especially if you are paying for said app).
One app illustrated by Dr. Web that has amassed one million downloads is TubeBox, which remains available on Google Play at the time of writing this.
TubeBox promises monetary rewards for watching videos and ads on the app but never delivers on its promises, presenting various errors when trying to redeem the collected rewards.
Other adware apps that appeared on Google Play in October 2022 but have since been removed are:
- Bluetooth device auto connect (bt autoconnect group) – 1,000,000 downloads
- Bluetooth & Wi-Fi & USB driver (simple things for everyone) – 100,000 downloads
- Volume, Music Equalizer (bt autoconnect group) – 50,000 downloads
- Fast Cleaner & Cooling Master (Hippo VPN LLC) – 500 downloads
Plus several loan scam apps with 10K+ downloads, but all had direct ties to Russia. These apps were promoted via malvertizing through other apps, promising guaranteed investment profits…in reality their sole purpose was to steal users personal information via Phishing schemes. Again, “if it sounds too good to be true…”
Update 12/06/2022 Google has confirmed they have removed TubeBox from Google Play