Google Play Store distributed malicious ad-fraud apps designed for kids

Google Play Store distributed malicious ad-fraud apps designed for kids

Recent reports on the latest malware threats state that more than 50 apps promoted in Google Play Store were distributing malicious software called Tekya. Most of these apps were aimed at children (puzzle, racing and other games for kids), while others were various utility apps like downloaders, calculators, translators, and so on. Almost one million of downloads were made before Google removed infected apps from Play Store.

Tekya malware mimics users’ clicks on online advertisements by exploiting Android’s touch reporting mechanism, MotionEvent. After the user downloads Let Me Go, Cooking Delicious, or any other of the infected apps, the malware gets launched automatically without their permission. It registers a receiver that loads a native library,, which creates and launches the ad clicks. Most of the ads that the malware clicks on are advertisements from Google’s AdMob, AppLovin, Unity, and Facebook. This is done to artificially increase traffic on commercial sites, which is how Tekya’s creators generate revenue.

The arrival of Tekya malware, unfortunately, is not the first time that malicious programs have managed to infiltrate Google Play Store by avoiding Google’s security system, Google Play Protect and Google Virus Total. Previous cases of similar infections include BearClod (aka ai.type) ad clicker, which was embedded in 47 apps available on Google Play Store and downloaded over 78 million times, and Haken, which included 8 malign apps and 50,000 downloads. Although ad clickers do not harm your device or affect your browsing, they can cause trouble elsewhere. As they can click not only on ads, but also on subscriptions, that could result in financial losses.

As we have mentioned above, the infected apps have been removed from Google Play Store, however, not before they managed to infect a great number of electronic devices. If you have installed any of the indicated apps, you should terminate them immediately. After uninstalling the malware, you should also run a system scan with a reliable anti-virus application, so that you can be certain that there are no other unwanted apps on your device.

New reports of malign applications infecting devices and running in the background without showing any symptoms appear all the time. Although Google tries to make sure to protect users from acquiring unreliable or even harmful apps by partnering up with online security companies, it is clear that safety cannot be guaranteed at all times. That is why it is so important to stay aware of the latest news in various scams and phishing techniques as it can help people to stay one step ahead of cyber crooks. In addition to that, it is always extremely useful to have reputable anti-malware installed on all devices, not just computers.

Site Disclaimer is not sponsored, affiliated, linked to or owned by malware developers or distributors that are referred to in this article. The article does NOT endorse or promote malicious programs. The intention behind it is to present useful information that will help users to detect and eliminate malware from their computer by using WiperSoft and/or the manual removal guide.

The article should only be used for educational purposes. If you follow the instructions provided in the article, you agree to be bound by this disclaimer. We do not guarantee that the article will aid you in completely removing the malware from your PC. Malicious programs are constantly developing, which is why it is not always easy or possible to clean the computer by using only the manual removal guide.

Leave a comment

Your email address will not be published.