Google took down a total of 29 malicious apps for Android that were advertised on the Google Play Store as beauty camera applications, but carried out activities such as stealing the user’s pictures.
The apps were discovered by cybersecurity firm Trend Micro, which said that some of them have already been downloaded millions of times. A large number of the downloads were from users in Asia, particularly in India. In total, the 29 malicious Android apps were downloaded over 4 million times before they were removed from the Google Play Store, with three of them accounting for over 3 million downloads.
Trend Micro said that after downloading one of the malicious apps, users will not suspect anything wrong until they try to delete it. One example is a package that will hide the app’s icon to make it more difficult to uninstall it. The apps also used compression archives, also known as packers, to make them hard to analyze. There was also no indication that the apps were the ones behind the issues that users suddenly experienced.
Some of the malicious apps load full-screen advertisements for fraudulent or pornographic content each time the Android device is unlocked. Others will forward users to phishing websites that will try to steal sensitive information. Some of the attempts to steal contact details of users were disguised as pages for claiming prizes. Trend Micro also discovered that an adult video player, advertised by the apps, did not play any content after it was purchased.
One of the more alarming activities of the malicious Android apps was requesting for users to upload pictures to “beautify” them. The images were uploaded to a private server, and instead of a filtered photo, the app displayed a message that said an update was required. Trend Micro believes that the pictures were stolen, and used for purposes such as making fake social media accounts.
This is far from the first time that security problems were discovered in Android apps. Last year, there were apps that tracked children’s personal data, secretly recorded the smartphone’s screen, and attempted to phish cryptocurrency logins. As always, users can help protect themselves and their sensitive information from malicious apps by only downloading Google Play Store apps made by trusted developers and publishers.
Editors’ Recommendations
- Four fake cryptocurrency apps were listed on the Google Play Store
- Popular Android navigation apps are just Google Maps with ads, researcher says
- Twice as many publishers earned first million on Apple App Store vs Google Play
- Here’s how to download podcasts and listen to them on Android or iOS
- How to get Android apps on a Chromebook