Google didn’t notice a malicious BeitaAd adware had existed on the Play Store for 7 months now

Google didn’t notice a malicious BeitaAd adware had existed on the Play Store for 7 months now

Google continues to innovate the Android OS and along with it is user security. There is no doubt that Google still is one of the most advanced security in the digital world. However, there is still no such thing as perfect. And a multi-billion-dollar company who spends millions in security improvements can still have lapses.

This year, Google already banned a developer on Play Store for being malicious and stealing other developers’ download hits. Recently, Google discovered another adware that was able to slip through their watchful eyes for some time now.

The China-based developer CooTek has been recently banned from the Google Play Store. CooTek developed over 200 Android applications, all of which at one point contained a dangerous piece of adware called BeiTaAd. The evidence shows that the developer secretly placed BeitaAd into its apps on purpose in an effort to push obtrusive ads to users, and even attempted to hide it so Google won’t detect it.

How BeiTaAd works

The adware works when a user installs an app made by Chinese studio CooTek; for example, the keyboard app TouchPal, which has over 100,000,000 installs and 1.5 million reviews. Once installed, anywhere from 24 hours to 14 days later, BeiTaAd would start pushing system-level ads to the user, which means the ads appeared outside the app in areas like the lock screen.

Some of these ads would trigger audio and video at random times, interrupting phone calls or waking the user up in the middle of the night. So, it’s quite alarming how Google was not able to detect such an obvious malicious adware present in over 200 apps, and collectively has over 440-million installs.

Evidence also showed that BeiTaAd already exists in the Google Play Store for seven months.

Google takes action

Apparently, Lookout, the one who discovered the BeiTaAd adware on CooTek apps, cannot find the code directly related to the developer. The developer can easily deny that they themselves were victims of the adware. Unfortunately, that won’t be an easy excuse since the adware can only be found specifically on CooTek apps.

Currently, the total of 238 CooTek apps have been removed from the Play Store or updated to a new version without the adware. Those who have already installed the CooTek apps on their phone, they will not lose it. However, it is highly recommended to uninstall any CooTek apps as soon as possible, especially if you’ve noticed weird ads appearing out of nowhere.

Again, CooTek is already banned from the Google Play Store and can no longer submit apps. So, Android users can rest assured that no other new CooTek app will emerge with a dangerous hidden adware on it.

This also should act as a reminder to always use caution when installing a new app on your phone, no matter how popular or well-reviewed it might be. 

Interestingly, the developer CooTek is not yet banned from the Apple Play Store. We don’t know how Apple will play this issue.


Leave a Reply