Search
Search
Close this search box.

Instant Apps – Is it a Virus ?

Instant Apps

The Google Play Instant apps feature enables users to try apps without installing them. Android apps with this feature have a “Try Now” button next to the “Install” button in Google Play. When a user clicks “Try Now,” a virtual application is installed that allows the user to experience the app and decide if they want to install the full version. This aspect makes it useful, especially where the app file is large. Users can get a sneak preview and decide if the download is worth their time. Play store runs this service using Google Play Services for Instant Apps.

Instant Apps

(Image source: Google Play Store)

Unfortunately, while the intention by Google was noble, the feature quickly ran into problems. Below are some of the problems with the Instant Apps feature:

  • Instant Apps Downloaded Without Permission: One of the main problems is that on some Android versions, users experienced apps suddenly downloading themselves without permission leading to instant apps virus speculation. There are numerous complaints online by aggrieved Android users who have experienced Google Play Services for Instant Apps installing itself and downloading instant apps without permission. But, is instant apps a virus. From the information in the opening paragraph, it’s clear that instant apps are not a virus. But, given this behavior on some Android versions and devices, it is understandable why users would immediately think of Instant apps Android virus. 
  • Security Vulnerability: Instant apps have proven to be a security nightmare. Over the years, researchers have demonstrated a significant security vulnerability that’s exploitable to steal information. The vulnerability was first introduced in Android 4 (Kit Kat) in 2013 but wasn’t that easy to exploit until the introduction of instant apps in 2016. The Android Webview component allowed hackers to steal personal information and cookies. Criminals could steal authorization tokens and see the browser history. The core function of instant apps is to open the Chromium browser and download a small file. This file is executed as a native app. This file is deleted as soon as the instant app is closed, but criminals created malicious instant apps that hijacked the browser and allowed the attacker to read Webview contents. This vulnerability persisted for four years and was only patched in January 2019.
  • Advertisements: Some Android devices such as Huawei, Tecno, and Infinix use modified Android versions that come with lots of bloatware. On these devices, instant apps allow users to play games without installation, but the games also come with non-gaming advertisements intrusive ads that keep popping up on the screen. 

How to Stop Instant Apps from Downloading

One of the main causes of apprehension amongst Android users is instant apps downloading by itself. There are several ways to stop instant apps downloading automatically. 

Use the Google Play App

The first method is to open the Google Play App, and then select Settings > Google Play Instant and toggle the switch to turn off the auto-download setting, as shown in the screenshot below.

Rooted Devices

The second method is quite technical and is for rooted devices. Without going into too much technical detail, the method involves blocking write access to the cache folder. Android uses this folder to download system applications such as Google Play Services for Instant Apps. This method is the permanent way to stop instant apps from downloading by itself. 

How to Uninstall Instant Apps

Stubborn instant apps are caused by custom Android versions where the instant app file isn’t deleted immediately as intended. If you are experiencing intrusive ads or have icons on your home screen indicating favorite apps, you most likely have a modified Android version. There are several options to uninstall instant apps from your mobile device in such a scenario. 

Use the Application Manager

There are different ways to do this, depending on your Android version. Go into Settings and navigate to the app list. Tap on Force Stop, then select Storage and Clear both Data and Cache, as shown in the screenshots below. 

Restart the Device in Safe Mode

If uses the application manager doesn’t work, restart the device in safe mode. Check your device user manual to learn how to start it in safe mode. For example, most Samsung phones require the user to press and hold the volume down key when the Samsung logo appears. Safe mode allows you to uninstall third-party apps that are causing problems. Go back to the app list and sort the applications based on the most recent to the oldest. If you can remember when you started having problems with the phone, then you easily identify the offending app and uninstall it. 

If you still can’t identify the app causing problems, return to the settings screen and type “Admin” in the search field, as shown in the screenshots below.

This will provide you with a list of all applications that have admin privileges on your phone. If you find a suspicious app on this list, revoke the permissions. Restart the device and see how it behaves. 

Factory Reset

The vulnerability we mentioned affects pre-Android 7 devices. This security loophole allowed criminals to install malicious apps on phones. If your phone was already infected before the patch, then you have to wipe it to get rid of the malware. It is possible to remove malware using an Antivirus, but the best way to be sure is to Factory Reset the phone. This erases all the applications and data on the Android phone. 

To perform a factory reset, first back up your phone. The process depends on your Android device. For example, in Android 6 (Marsh Mallow), go to Settings and select “backup my data.” In Android 8 (Oreo), go to Settings, then System, and select Backup. Your files and apps will be backed up to your Google account. 

To reset, go back one level and select, Reset Options. 

instant apps

Change Your Device or Firmware

If a factory reset doesn’t cure the problem, you have no choice but to replace your device. Resetting a device that uses a modified Android version rarely fixes the problem because the problem is hard-wired into the firmware. The only other alternative to purchasing another device from a more reputable manufacturer is to replace the firmware. 

Search online for original Android firmware for your device and reboot your phone into download mode. On most devices, this is done by switching off the phone and then pressing the Volume Down, Power, and Home buttons simultaneously. Once in download mode, connect the phone to a PC using a USB cable and then use a free tool like Odin to flash the firmware. 

instant apps

(Image source: Odindownload.com)

Tips to Avoid Instant Apps

While instant apps were intended to provide users with a way to try apps before installing them, most users have a bittersweet experience with them. If you don’t want to have the option for instant apps, follow the tips below:

  • Disable the feature in the Google Play App: This ensures that instant apps never download on your phone unless you explicitly click on a web link.
  • Avoid non-Store apps: This is not to say that all non-store apps are shady. Some developers don’t like to share their income with Google, which is completely understandable. But, most apps with nefarious features are installed via APK files. 
  • Buy your phone from a reputable brand: Avoid manufacturers that use modified Android versions. Use original Android firmware, and you won’t have to deal with self-installing apps and bloatware. 
TAGS :
SHARE :
What are progressive we apps
Android app development tips
Mobile App Development Trends in 2023

Explore our topics