Google Removes Chamois Malware Apps from Play Store
Google has removed a handful of malicious apps from its Play marketplace recently that were found manipulating ad traffic, sending premium text messages, and downloading additional plugins without user consent or knowledge.
Bernhard Grill, Megan Ruthven, and Xin Zhao, all security software engineers with Google, said Monday that they detected the family of potentially harmful applications. Described as one of the largest they’ve ever come across, during a routine ad traffic quality evaluation.
This family of apps has been named ‘Chamois’ by the Google team.
It was unlikely a victim of these apps would even realize they were infected, because the Chamois apps didn’t appear in a device’s app lists, meaning they couldn’t see the apps or uninstall them.
Google had been actively scanning for apps which triggered ads at a rate higher than normal. While these apps had been difficult to spot, as they morphed between different file-types and names, they were eventually tracked down. The ad behavior scanner has helped Google flag thousands of apps belonging to families similar to Chamois like Ghost Push, Gooligan, and Hummingbad in the past 10 months.
No official count of the number of malicous apps has been given by Google.