Developers employed a variety of tricks to populate Google Play with more than a dozen apps that bombard users with ads, even when the apps weren't being used, researchers said on Tuesday.
Among the tactics used to lower the chances of being caught by Google or peeved users: the apps wait 48 hours before hiding their presence on devices, hold off displaying ads four four hours, display the ads at random intervals, and split their code into multiple files, researchers with antivirus provider Bitdefender reported. The apps also contain working code that does the things promised in the Google Play descriptions, giving them the appearance of legitimacy. In all, Bitdefender found 17 such apps with a combined 550,000 installations.
One of the apps Bitdefender analyzed was a racing simulator that also charged in-app fees for extra features. While it worked as advertised, it also aggressively displayed ads that drained batteries and sometimes prevented people from playing the game. After a four-hour waiting period, ad displays are generated using a random number (less than three) that was checked against a value. If the random number was equal to the value, an ad would appear.
Source: Ars Technica