Android malware caught infecting Play Store apps for kids

Android malware caught infecting Play Store apps for kids

Another day, another Android malware – Earlier today, researchers from Checkpoint released a report detailing a new malware family named Tekya committing advertising fraud.


The process involved unauthorized clicks on ads displayed within the applications in order to make the attackers earn money. These ads were displayed from networks such as Admob, Facebook, Unity & AppLovin’ representing a reasonably high reach.


Currently, the apps infected number 66 and had been downloaded 1 million times. 24 of these 66 were children apps comprising of games & puzzles while the rest are mostly utility ones including calculators, translators, etc.


How Tekya works is by hiding the native code of the applications it infects which allows it to evade Google’s in-built PlayProtect mechanism and VirusTotal as well. Then it makes use of a MotionEvent feature in Android released back in 2019 allowing it to “imitate the user’s actions and generate clicks.”

An image of 2 of the apps on the Play Store before being removed:


Image via Checkpoint



Currently, though, all of these apps have been removed from Google Play Store leaving us a lesson for the future. Concerns still remain for the fact though that Google has repeatedly failed to vet malicious apps as well as its arch-rival – the Apple App Store. This hints at a need for a new mechanism to verify the hundreds of apps uploaded daily to its platform amongst the existing 3 million+ ones.



This highlights once again that the Google Play Store can still host malicious apps. There are nearly 3 million apps av ..

Support the originator by clicking the read the rest link below.