Beware of Hidden Advertising in Popular Minecraft-Inspired Mobile Games
Minecraft, the wildly successful sandbox game developed by Mojang Studios, has inspired a plethora of similar games on various platforms. However, the demand for Minecraft-like games has also led to the emergence of malicious apps hiding in plain sight. McAfee Mobile Research Team recently discovered 38 such games on Google Play, which have been downloaded by at least 35 million users worldwide. These HiddenAds applications generate large amounts of stealthy advertising packets, exploiting players for advertising revenue.
As a member of the App Defense Alliance, McAfee is dedicated to protecting users from threats by improving app quality and preventing malicious software from reaching users’ devices. Upon discovering these apps, McAfee immediately reported them to Google, who swiftly removed them from the Google Play Store. Android users are further safeguarded by Google Play Protect, which alerts users of identified malicious apps on Android devices. McAfee Mobile Security identifies this particular threat as Android/HiddenAds.BJL.
Image: McAfee
The deceptive games were uploaded to Google Play under various titles and package names. Many of them have already been downloaded by millions of users, including apps with over 10 million downloads. These apps operate in a manner that allows users to play the game without noticing the significant amount of advertising packets being generated on their devices.
The hidden advertising packets are generated from various domains, including Unity, Supersonic, Google, and AppLovin. They are not displayed on the game screen, which makes it difficult for users to identify the malicious activity. A common characteristic among these games is their initial network packets. They share a similar structure and use “3.txt” as the path, appearing in the form of https://(random).netlify.app/3.txt.
This threat has been detected in numerous countries, with the most prominent detections in the United States, Canada, South Korea, and Brazil. As highlighted in the McAfee 2023 Consumer Mobile Threat Report, games are among the most accessible content for young people using mobile devices. Malware authors are aware of this trend and attempt to conceal their malicious features within games, especially those available on official stores like Google Play.
To protect themselves from such threats, McAfee recommends that users carefully review user reviews before downloading applications from any app store. Additionally, users should install security software on their devices and ensure that it remains up to date.
