Researchers at Check Point Software Technologies LTD recently discovered a new category of adware on the Google Play store which uses malicious scripting to show ads and prevent users from removing them. Due to the software's tendency to show up in flashlight applications and other utility applications, the adware has been dubbed "LightsOut." Surprisingly enough, by the time Check Point was able to notify Google about the problem, the researchers had estimated that between 1.5 million and 7.5 million applications had been downloaded containing the adware. Google has since removed the apps from the Google Play Store. However, any users who are suffering strange advertisement activities may want to check utilities and flashlight apps they have recently installed as those may be the culprit.
In the meantime, Check Point has uploaded a video and provided a description highlighting how LightsOut works and what exactly it does – which are accessible via the source link below. After downloading an affected application, users would begin to see advertisements whenever they used it. However, an option was also made available via a given application's in-app settings to disable advertisements. As tempting as toggling that switch to the off position might be, doing so would then result in advertisements extending far beyond their appearance in the application. In fact, users were noticing advertisements cropping up and getting in the way while trying to answer phone calls or during any number of other common phone activities. The adware took things even further by also hiding the notification icon for advertisements and continuing to display ads even if a user opted to buy an ad-free version of the application. The sole purpose of the applications effectively changed to become a way to spam users with advertisements and to hide from detection by the user. In some instances, toggling advertisements to "off" also removed the application's icon from devices, making it even more difficult to narrow down a culprit and remove the offending app.
As pointed out by Check Point, the discovery of a new strain of malicious software in the official Google Play Store really goes to show that users should be cautious about downloading applications even when they come from an official source. Google has made a lot of headway toward preventing harmful apps from cropping up there, but there really is no such thing as perfect security. While the advertisements were undoubtedly annoying and inconvenient, the situation could easily have been much worse.