A growing cyber threat is putting Android users at risk, with 2.5 million malicious apps being installed each month. These apps may seem harmless at first, but they are designed to generate fraudulent ad impressions and disrupt your phone’s normal functions.
The threat, known as “Kaleidoscope,” is a form of ad fraud that constantly changes to avoid detection.
Attackers first upload benign versions of apps to the Google Play Store and then distribute malicious replicas through third-party app stores and social media ads. Users are tricked into downloading these fake apps, which appear legitimate.
Once installed, these apps show intrusive full-screen ads even when users are not interacting with their phones. These ads are a way for cyber criminals to earn money while harming the phone’s performance.
According to a report from Integral Ad Science (IAS), the attackers have updated their tactics by embedding a malicious SDK in apps, which makes the fraud harder to detect.
Google has removed some flagged apps from the Play Store, but the risk remains high for users who sideload apps from unofficial sources.
Sideloading, which allows users to install apps from third-party stores or direct links, has become a key way that these malicious apps spread. Although Google has taken steps to restrict sideloading in Android 15, it’s still an ongoing problem for Android users.
To protect yourself, scan your phone for infected apps and delete any apps you recognize from the list. Be careful with how many apps you sideload and stick to trusted app stores to reduce the risk of infection.
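One way to find the sideloaded apps discussed above, as an added example that is not from the original article or the IAS report: the function reads the output of `adb shell pm list packages -i -3` and lists user-installed packages whose recorded installer is not the Google Play Store. The package names in the sample are constructed for illustration, and the function name is hypothetical.

```shell
#!/bin/sh
# Added example: list user-installed packages whose recorded installer is not
# the Google Play Store. Input is the text produced on a connected device by
#   adb shell pm list packages -i -3
# (one line per package: "package:<name>  installer=<source>").

PLAY_STORE="com.android.vending"

# Reads pm output on stdin and prints "<package> <installer>" for each package
# not installed by the Play Store. Installer "null" means no recorded source,
# which is typical for APKs installed from a file manager or over adb.
flag_sideloaded() {
    # Some adb versions emit CRLF line endings; strip the CR before parsing.
    tr -d '\r' | awk -v trusted="$PLAY_STORE" '
        /^package:/ {
            pkg = $1; sub(/^package:/, "", pkg)
            src = "null"
            for (i = 2; i <= NF; i++)
                if ($i ~ /^installer=/) { src = $i; sub(/^installer=/, "", src) }
            if (src != trusted) print pkg, src
        }'
}

# Constructed sample output (package names are made up for illustration).
sample_pm_output() {
    cat <<'EOF'
package:com.example.notes  installer=com.android.vending
package:com.example.flashlight  installer=null
package:com.example.wallpapers  installer=com.example.thirdpartystore
package:com.example.weather  installer=com.android.vending
EOF
}

# With a device attached, use the live listing instead of the sample:
#   adb shell pm list packages -i -3 | flag_sideloaded
if [ "${1:-}" = "--demo" ]; then
    sample_pm_output | flag_sideloaded
fi
```

A non-Play installer is not proof of infection, since other legitimate stores also appear here; the output is a shortlist of apps to review first.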
This threat shows how attackers are constantly adapting to evade security measures. Experts urge users to remain vigilant and limit the number of apps installed from unofficial sources to avoid falling victim to these evolving schemes.