Avast has discovered multiple applications in Google’s Play Store — the main marketplace through which Android users download software — that infect a device with “adware” when installed.
The applications are said to wait up to 30 days before they start displaying advertisements warning about security risks and other problems whenever an Android device is unlocked.
These warnings then prompt consumers to visit malicious websites, download security software that won’t make the warnings disappear, or find new apps from a third-party store.
Yet, as Ars Technica notes, this isn’t the first time the Play Store has been found to have questionable applications intent on stealing information or scamming from their users:
It’s not the first time Google’s official Android app bazaar has been found to host malicious apps. In the past, it has offered titles laced with surreptitious remote access trojans, Bitcoin miners, and rogue advertising networks. Three years ago, Google introduced a cloud-based scanner that scours Play for malicious apps, but attackers have been known to bypass it.
The problems are likely the result of Google’s decision not to police the Play Store as much as Apple does with its App Store, which has many rules that can be hard for developers to abide.