Google has recently pulled 36 fake security apps from Google Play, after they’ve been flagged by Trend Micro researchers.
Posing as legitimate security solutions, and occasionally misusing the name of well-known AV vendors like Avast, the apps seemed to be doing the job: they showed security notifications and other messages, warned users about malicious apps, and seemingly provided ways to fix security issues and vulnerabilities.
But, it was all an act: the notifications are bogus, and the apps used simple animations to trick users into believing the discovered issues were resolved.
The apps’ real goals was to bombard users with ads and entice them to click on them, as well as covertly collect information about the user, the device, the OS, the installed apps, and track the user’s location, and upload all this information to a remote server.
Source: 36 fake security apps removed from Google Play – Help Net Security