Google has removed from its Google Play Store more than 60 gaming apps, many seemingly targeted at kids, that contained malware that showed pornographic ads.
Researchers from security firm Check Point discovered the malware, called AdultSwine, in apps that have been downloaded more than 3 million times, according to a report released Friday.
The gaming apps include titles such as Mcqueen Car Racing Game, Subway Banana Run Surf, and Paw Puppy Run Subway Surf.
An individual or group of hackers created these malicious games under fake publisher names to distribute their malware and make money off the scheme, Check Point researcher Daniel Padon told CNN Tech.
Once downloaded, the malicious apps displayed “highly pornographic” pop-up advertisements in a new web page, and attempted to scare users into installing fake security apps. It also intended to get users to buy worthless premium services, the researchers found.
According to Check Point, Google removed the malicious apps hours after they were notified of the issue.
“We’ve removed the apps from Play, disabled the developers’ accounts, and will continue to show strong warnings to anyone that has installed them,” a Google spokesperson told CNN Tech. “We appreciate Check Point’s work to help keep users safe.”
One user said in a comment on the Google Play Store that his son saw pornographic content on one of the apps, according to Check Point’s findings.
The malware was not found in apps that are a part of Google’s “Designed for Families” program. Google staffers manually review apps designed for children. Apps made primarily for kids under 13 must participate in this program, according to the company’s website.
Google said the malicious advertisements did not come from its ad network.
Despite Google’s security precautions, malicious apps can find their way into the Google Play Store. Check Point found 303 malicious apps in the Play Store last year.
Android users should make sure they download apps from known developers and parents of young users are urged to download apps from Google’s family program. Padon also suggested checking apps’ reviews before downloading. But some malware authors create fake reviews to make their apps seem legitimate.