Google still has a massive malware problem within the Google Play store. In November, we learned that apps from Cheetah Mobile had been part of a massive click fraud scheme that saw apps from it and Kika Tech stealing millions of dollars in fraudulent clicks. The apps had reportedly been downloaded around 2 billion times in total. A malware-infected QR Reader app had racked up 500,000 downloads in March of last year before being removed from the store. Now Google has reportedly removed another 85 apps from Google Play because they were malware laden.
The batch of 85 apps wasn't removed from the Google Play store until analysts with Trend Micro discovered that the apps had malware inside. Before they were removed, they were able to infect 9 million Android users. Among the apps were TV and video players and controllers, some showed full-screen ads until the apps crashed. Revenue for the developers was generated by displaying the fraudulent ads.
One of the apps specifically called out is "Easy Universal TV Remote." The app reportedly had a high number of bad reviews, but still had a four out of five-star rating with 132,590 reviews. There were a considerable number of bad reviews, but according to comments, the app asked users for a five-star review up front, after the rating was granted the app would start opening ads and crashed for users. Presumably asking for the 5-star review immediately and before any nefarious activity happened is how the app got such a high rating.
Google continues to work on security and catching malware-laden apps. It claimed in its Android Ecosystem Security Transparency Report that published in November that it had halved the quantity of malware on the store, but there is still a vast number of nefarious apps making Google Play the wild west of app stores. A full list of the 85 malware apps that Trend Micro found can be seen here in PDF form.