Researchers said that a tip from a child led them to discover aggressive adware and exorbitant prices lurking in iOS and Android smartphone apps with a combined 2.4 million downloads from the App Store and Google Play.
Posing as apps for entertainment, wallpaper images, or music downloads, some of the titles served intrusive ads even when an app wasn’t active. To prevent users from uninstalling them, the apps hid their icon, making it hard to identify where the ads were coming from. Other apps charged from $2 to $10 and generated revenue of more than $500,000, according to estimates from SensorTower, a smartphone-app intelligence service.
The apps came to light after a girl found a profile on TikTok that was promoting what appeared to be an abusive app and reported it to Be Safe Online, a project in the Czech Republic that educates children about online safety. Acting on the tip, researchers from security firm Avast found 11 apps, for devices running both iOS and Android, that were engaged in similar scams.
Many of the apps were promoted by one of three TikTok users, one of whom had more than 300,000 followers. A user on Instagram was also promoting the apps.
“We thank the young girl who reported the TikTok profile to us,” Avast threat analyst Jakub Vávra, said in a statement. “Her awareness and responsible action is the kind of commitment we should all show to make the cyberworld a safer place.”
The apps, Avast said, made misleading claims concerning app functionalities, served ads outside of the app, or hid the original app icon shortly after the app was installed—all in violation of the app markets’ terms of service. The links promoted on TikTok and Instagram led to either the iOS or Android versions of the apps depending on the device that accessed a given link.
Targeting “younger kids”
“It is particularly concerning that the apps are being promoted on social media platforms popular among younger kids, who may not recognize some of the red flags surrounding the apps and therefore may fall for them,” Vávra added.
Avast said it privately notified Apple and Google of the apps’ behaviors. Avast also alerted both TikTok and Instagram to the shill accounts doing the promotions.
A Google spokesman said the company has removed the apps, and Web searches appeared to confirm this. Several of the apps for iOS appeared to still be available in the App Store as this post was being prepared. Representatives from Apple and TikTok didn’t immediately have a comment for this post. Representatives with Facebook, which owns Instagram, didn’t respond to a request to comment.
Android users by now are well-acquainted with the Play Store serving apps that are either outright malicious or that perform unethical actions such as deliver a flood of ads, often with no easy way to curtail the deluge. Abusive apps from the App Store, by contrast, come to light much less often—not that such iOS apps are never encountered.
Last month, researchers discovered more than 1,200 iPhone and iPad apps that were snooping on URL requests users made within an app. This violates the App Store’s terms of service. Using a software developer kit for serving ads, the apps also forged click notifications to give the false appearance that an ad viewed by the user came from an ad network controlled by the app, even when that wasn’t the case. The behavior allowed the SDK developers to steal revenue that should have gone to other ad networks.
People considering installing an app should spend a few minutes reading ratings, reviewing prices, and checking permissions. In the case of the apps found by Avast, the average rating ranged from 1.3 to 3.0.
“This all is bad don’t buy,” an iOS user wrote in one review. “I accidentally bought it. 8 dollars wasted and it doesn’t work.”
Apple’s latest earnings report was received cautiously by top Wall Street analysts as uncertainty around iPhone sales weighed against better-than-expected headline numbers.
The consumer tech giant reported higher-than-expected earnings per share and revenue for its fiscal fourth quarter Thursday, with results for services, Mac computers and iPads beating projections. Sales of the flagship iPhone, however, fell short, and Apple did not provide guidance for the upcoming quarter.
Shares of Apple were down about 4% in premarket trading to around $111 per share as traders digested the report.
Apple’s new Apple One series of services bundles launches on Friday in over 100 countries and regions, but the top Premier tier will be limited to the United States, the United Kingdom, Australia, and Canada.
The limited rollout of the $29.95 Premier tier is down to the fact that Apple News+ is currently only available in the above countries. Apple News+ is exclusive to the Premier tier, along with Apple Fitness+, which isn’t expected to arrive until later in the year.
Here’s how the Individual, Family, and Premier tiers stack up:
Individual: Apple Music, Apple TV+, Apple Arcade, and 50GB of iCloud storage for $14.95 per month
Family: Apple Music, Apple TV+, Apple Arcade, and 200GB of iCloud storage for $19.95 per month, can be shared among up to six family members
Premier: Apple Music, Apple TV+, Apple Arcade, Apple News+, Apple Fitness+, and 2TB of iCloud storage for $29.95 per month, can be shared among up to six family members
Apple One’s Individual tier offers savings of $6 per month, while the Family plan offers savings of over $8 per month, and the Premier plan offers a savings of over $25 per month, compared to standard monthly pricing. Apple One includes a 30-day free trial for any services that customers do not already have.
Sony offering PSVR owners a free camera adapter to use with the PS5 pretty much tells you that the company has no plans to release a new virtual reality headset anytime soon. Now, Sony Interactive Entertainment CEO Jim Ryan has confirmed to The Washington Post in an interview that there “won’t be any immediate leaps forward” from the company when it comes to virtual reality. He didn’t talk about hardware in particular, but based on what he said, it’s unclear when we’ll see the next-gen PSVR.
That doesn’t mean PlayStation is stepping back from virtual reality. Ryan told the publication that the company believes VR will “represent a meaningful component of interactive entertainment,” though it probably won’t happen anytime soon. He also said that the company is looking forward to seeing where the lessons it learned from PSVR will take it, ensuring PlayStation’s continued investment in virtual reality. He said:
“I think we’re more than a few minutes from the future of VR. PlayStation believes in VR. Sony believes in VR, and we definitely believe at some point in the future, VR will represent a meaningful component of interactive entertainment. Will it be this year? No. Will it be next year? No. But will it come at some stage? We believe that. And we’re very pleased with all the experience that we’ve gained with PlayStation VR, and we look forwarding to seeing where that takes us in the future.”
In addition, Ryan talked about Sony’s hopes to grow PlayStation Plus’ subscriber numbers. The company will offer Plus subscribers on the PS5 access to “20 free top-tier PS4 games” so they can give older games a try. When it comes to upcoming games for its next—gen console, Ryan said that putting technologies like “3D Audio and haptic feedback… in the hands of a great game developer” will take “immersiveness… to the next level.”
Ryan expects more games with rich storytelling and narrative elements, as well, since they’ll be much more powerful “when they’re realistic,” which is something the PS5 is capable of providing. “[T]here’s this kind of happy sort of synergy between technology progress and our great ability to tell stories,” he explained. “I see that’s a trend that will only continue.”
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.