Experts warn that one of the most popular PDF reading apps on the Google Play Store is actually just a delivery tool for potentially harmful adware.
An investigation by Malwarebytes found that an application with the ingenious name “PDF Reader – Document Viewer” did nothing of the sort, but instead flooded users’ devices with annoying full-screen ads even when not in use.
The company warns that the app already has over a million downloads and that Google has yet to remove it, meaning even more victims could soon become addicted.
In blog post (opens in a new tab) In describing the scam, Malwarebytes notes what the app looks like to deceive users by not showing ads immediately after being installed.
Instead, it waits for several hours, making it difficult to tell which app caused the problem. However, when activated, the app fills the user’s home screen with full-page ads, blocking them from accessing the device unless they click the ad.
Video ads are also displayed that effectively prevent the user from accessing the device, and the ads start to run more frequently the longer the app remains unchecked.
Malwarebytes notes that a few red flags appeared on the first page listing Google Play apps that may have informed users that this is not a legitimate service. This includes a content rating of “Mature 17+” – quite unusual for an Android PDF reader, and the developer name of “Fairy Games” – again, not something you usually associate with such a service.
“If you have many applications installed on a mobile device, it is very difficult to track them down,” noted Malwarebytes. “Another reason for not blindly trusting you are safe when installing exclusively from Google Play. Even though the Play Store is by far the safest place to install Android apps, it can also cause bugs from time to time. Having an anti-malware scanner, or in this case anti-adware, is a good idea. Stay safe there! “