New adware dubbed "LightsOut" is making the rounds in Google Play, hiding in 22 flashlight and utility apps that have been download up to 7.5 million times, reports Check Point Research, which made the discovery.
LightsOut embeds its malicious script into flashlight and utility apps that appear legitimate. It then hides its icon when the app is launched, making it difficult for the user to remove the adware.
Although the malicious app offers users a control panel and checkbox to disable additional services, such as displaying ads, LightsOut can override users' efforts. As a result, the persistent ads do not appear related to the control panel and checkboxes, reports Check Point.
Any Wi-Fi connection, a locked screen, a cell phone call that ends, or a charger plugged into a device can trigger the LightsOut adware, according to Check Point.
Read more about LightsOut here.