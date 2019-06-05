GUESS WHAT? More adware has sneaked past the automated security of Google's Play Store and got into some 238 apps.

Discovered by cybersecurity firm Lookout, the adware dubbed BeiTaAd or BeitaPlugin can serve adverts that not only appear in apps but can also pop up on the lock screen and during phone calls; typically areas where Google would prevent such disruptive advertising. This is hardly the most malicious use of adware, but it would likely drive some Android users mad.

What's most significant about BeiTaAd is its reach; infecting 238 apps is no mean feat, though a lot of those were more add on bits of software, say plugins for software keyboards, rather than full-fat apps.

"Cumulatively, these applications amount to over 440 million installations, making this family unique in its prevalence and the level of obfuscation used to hide the plugin's existence," said Kristina Balaam, security intelligence engineer at Lookout.

"While the vast majority of free mobile applications monetise their apps through Ad SDKs or plugins, the persistence of the advertisements in this particular family and the lengths to which the developer went to hide its existence make the BeiTaPlugin concerning."

One way the adware hides is by not firing up adverts once an infected app is installed, but rather it waits at least 24 hours after the app is launched before cranking out ads. Pretty smart if you ask us.

All the apps affected were created by Shanghai-based company CoolTek, meaning one could speculate that the adware is of Chinese origin.

Lookout alerted Google to the adware problem and the search giant subsequently yanked the affected apps off the Play Store, though it looks like the damage had already been done given the number of users potentially affected.

The whole situation highlights that Google still had work to do to keep its Play Store free of digital nasties, though we guess that's part and parcel of having an open software ecosystem. µ