The Google Play Protect feature on the Google Play app store that aims to protect Android devices from potential malware was found been unable to deliver airtight security in at least one case, research has indicated. According to the research by Check Point that was published on Tuesday, hackers are still finding ways to infiltrate the app store to commit ad fraud. The cybersecurity company further claimed that a new malware family was operating in 56 Android apps and was unknowingly downloaded over a million times worldwide. The malware dubbed 'Tekya' was also reportedly found in 24 children's apps and several other utility apps such as cooking apps, calculators, and so on.
To commit ad fraud, researchers at Check Point found that through the Tekya malware, hackers cloned several popular apps, renamed them and put back onto the store with the adware mobile included. Some of the infected apps include Cooking Delicious, Let Me Go, Race in Space. The complete list can be view on Check Point's research portal.
"'Tekya' – imitates the user's actions in order to click ads and banners from agencies like Google's AdMob, AppLovin', Facebook, and Unity. 24 of the infected apps were aimed at children," the researchers noted.
It was also pointed out that the Tekya malware went undetected by Google Play Protection because it hid in the native code of the infected apps.
The paper added that Google has removed the dubious app from Google Play. However, in the concluding section, the Check Point research warned that this whole episode highlighted the potential risks Google Play can face.
Recently, Google also announced new ways in which its Advanced Protection Program is defending users from malware on Android devices. The new introductions by Google included limiting app installations from outside the Play Store and automatically turning on Play Protect app scanning. Currently, there are nearly 3 million apps available from the Play store, with hundreds of new apps being uploaded daily.