Avast has announced that it has discovered 40 adware apps on the Google Play Store using Avast’s mobile threat intelligence platform, apklab.io. The installations of the apps, which Avast is referring to as TsSdk, range from 5K to 5M installations. The adware persistently displays full screen ads, and in some cases, tries to convince the user to install further apps.
The adware applications are linked together by the use of third-party Android libraries which bypass the background service restrictions present in newer Android versions. Although the bypassing itself is not explicitly forbidden on the Play Store, Avast detects it as Android:Agent-SEB [PUP], because apps using these libraries waste the user’s battery and make the device slower. The applications use the libraries to continuously display more and more ads to the user, going against Play Store rules.
Avast has contacted Google to have the apps removed. Avast named the adware TsSdk, because the term was found in the first version of the adware.