The measures taken by Google to prevent malicious applications in the Play Store were still insufficient. It turned out that 56 harmful apps that target most kids on Google Play affect about 1.7 million devices. The malware named Tekya generates fraudulent clicks for ads published by platforms such as AdMob, AppLovin ‘, Facebook and Unity. Tekya uses Android’s “MotionEvent” feature to mimic user actions on infected devices. Security firm Check Point has announced that applications cannot be detected by VirusTotal and Google Play Protect. It was stated that 24 of the applications including Tekya were developed for children. Applications that contain malware included applications such as calculators, recipes, translations, and racing games. These harmful applications are written in local Android code (usually in C and C ++ programming languages) so that they cannot be detected by security systems. The local library “libtekya.so” has been loaded in the libraries folder inside the APK file of the applications. Therefore, applications could not be detected by Google. After Check Point’s warning, Google announced that it has removed 56 harmful apps. You can find the report published by the security company here.
