Pop-up ads on a smartphone are THE WORST! Google has just removed several QR Code reading apps for launching a barrage of pop-up ads on the smartphones that installed them. The offending apps were identified by Sophos Security.
Sophos discovered then reported the apps to Google but not before some of them were downloaded over 500,000 times. The apps include readers and scanners released by VIP Boy, TDT App Team, VN Studio 2018 and smart.sapone.
Sophos reports the apps would lie quietly for a while, not taking any action after it was installed, but later would paste numerous spammy ads on the screen.
QR Code readers and scanners use the smartphone’s camera to read a special bar code that will open webpages or download images. These are quite popular in both the Google Play Store and Apple’s App Store.
Sophos said in addition to sending pop-ups, some of the apps would send notifications, including clickable links.
I can’t think of a reason anyone would want or need to download an app from a company they’ve never heard of to scan QR or barcodes or to use the phone as a compass or flashlight because most phones today have those features built in. Google also has its own code reader Google Goggles that will also detect photos and objects and send related information about them.
Android device owners should pay attention to fake or malware-infected apps in the Google Play Store. While Google says it reviews apps before placing them in the Play Store it has run into problems with bad apps several times in the past. Over 2017 Google had removed over 700,000 bad apps for privacy or malware concerns.
The problem with bad apps is not exclusive to Android and the Google Play Store. Apple has had to remove bad or spammy apps but not nearly to the degree they’ve plagued Google.
If you are an Android device user, it’s a good idea to install mobile security. Sophos has its own software for Android devices. Once installed, Sophos Mobile Security will scan the phone’s storage, looking for apps that may spread or install malware or steal information from the user. If it detects a threat it prompts the user to delete the app.
It is also a good idea to only download Android apps from the Google Play Store. Although it does not catch every bad app before it appears in the store it is much safer than downloading apps from other websites or emailed links.