Malicious adware found in 238 Google Play Store apps

Carefully disguised adware rendering smartphones and tablets practically useless has been found in 238 applications on Google’s Play Store, potentially affecting in excess of 440 million Android devices.

The findings were announced in a blog post by mobile security company Lookout, who discovered the issue and promptly reported it to Google. All offending software has since been removed from the Play Store or updated to no longer include the plugin responsible.

All of the applications were produced by Chinese mobile developer CooTek, including popular free keyboard TouchPal, which has been installed more than 100 million times.

The plugin, known as BeiTaAd, appears harmless in the immediate aftermath of any installation, misleading the user into believing any subsequent issues are not linked to such applications.

However, at any time between 24 hours and two weeks following installation, the infected applications begin to show out-of-app-ads. As opposed to banner or pop-up adverts, they display in the lock screen, playing audio and video involuntarily. These can even be triggered when the device was asleep.