HiddenAds was first discovered in 2019. The malware is a classic adware and specializes in displaying a huge amount of intrusive ads, opens promo pages or pages with a large number of ads in victims' mobile browsers.
Vavra writes that almost all detected applications (a complete list can be seen here) imitated various popular games, and the hacker group behind the campaign actively used social media advertising and other marketing ploys to attract as many users as possible to their “products”. Obviously, this worked, since in total the applications were downloaded about 8,000,000 times.
After the victim installed any of these "games", HiddenAds immediately hid the application icon (to make it harder for the user to uninstall the application in the future) and then began bombarding the victim with ads.
The researchers note that six malicious apps have not yet been removed and are still available on the Google Play Store, Shoot Them, Helicopter Shoot, Find 5 Differences – 2020 NEW, Rotate Shape, Cover art Find the Differences – Puzzle Game and Money Destroyer.
Considering that such adware in general and HiddenAds in particular are often found in the official app store, Vavra once again urged users to be more careful.
“Users need to be vigilant when downloading applications to their phones. They are advised to carefully check the profile of the application, reviews, and also be careful when the application requests multiple permissions on the device, ”the expert writes.
Vavra also notes that such malware disguised as games is often targeted at children, therefore, in his opinion, parents should pay more attention to information security issues and tell their children about malware and other online threats.