Malware found lurking in kids' Play Store apps, security firm finds

Google removes more infected apps.

Rae Hodge Former senior editor
Rae Hodge was a senior editor at CNET. She led CNET's coverage of privacy and cybersecurity tools from July 2019 to January 2023. As a data-driven investigative journalist on the software and services team, she reviewed VPNs, password managers, antivirus software, anti-surveillance methods and ethics in tech. Prior to joining CNET in 2019, Rae spent nearly a decade covering politics and protests for the AP, NPR, the BBC and other local and international outlets.
Rae Hodge
2 min read
James Martin/CNET

A host of utility and children's apps in the Google Play Store contained hidden auto-clicker malware, amounting to more than a million installs across Android devices, researchers at security firm Check Point recently discovered. Google removed the apps earlier this month once Check Point disclosed its findings to the company. 

The new family of malware was found in 56 apps, 24 of which were apps for kids. The rest were utility apps like calculators and translators. The malware, dubbed Tekya, imitates user actions to automatically click ads and banners, in a bid to commit ad fraud. The malware went undetected by the Google Play Store and Google's anti-malware scanner Play Protect during Check Point's research, according to the firm's analysis. 

"To us, the amount of applications targeted and the sheer number of downloads that the actor successfully infiltrated into Google Play is staggering," Aviran Hazum, manager of mobile research at Check Point, said in a Tuesday release. "Combine that with a relatively simple infection methodology, [and] it all sums up to the learning that Google Play Store can still host malicious apps. It is difficult to check if every single application is safe on the Play Store, so users cannot rely on Google Play's security measures alone to ensure their devices are protected."

A full list of the apps found to have malware is available on Check Point's website. If you've installed one of the infected apps, Check Point recommends uninstalling it right away, and making sure you've updated your Android device with the latest Google security patches and operating system version.

Google didn't immediately respond to CNET's request for comment. 

Watch this: WhatsApp update fights malware that infects devices with just a call