Android devices have become major targets for cyberattacks recently. Whether it’s phishing scams, infected APKs, or any other form of attack, they’re always in the headline. We also have to question Google Play Store’s security measures nowadays as malicious apps are infiltrating its library.
Researchers have detected new applications on the Android store hosting adware and information-stealing malware. That’s not even the worst part. These apps have a combined 2 million downloads, which shows the magnitude of this campaign.
Apps that demonstrate malicious functionality and deliver nothing of their promised features should be avoided. But why do they have so many downloads? How are they present within Google Play? The answers lie in the article below.
New Android Malware – Where’s Play Store’s Security?
Not long ago, other malicious applications were found on Google Play Store as well. In that particular attack, over 200 malicious apps were spreading Facestealer to harvest user credentials and other valuable information.
This time around, the attack involves a couple of apps only, but with millions of downloads. Once the victim downloads the app, they’ll definitely notice that something is off.
Aside from not doing what it promised to do, it’ll initiate actions that it’s not supposed to. For example, the malicious app will display unwanted advertisements, which can be particularly intrusive.
The attackers made sure that the malware is well hidden. They can easily make money since clicks on the “unwanted advertisements” can generate revenue from views and clicks.
Other drawbacks of these applications include battery depletion, heat generation, as well as hidden and unauthorized charges.
The Apps – Malicious to the Core
According to the research, the following apps are on Google Play Store with over 2 million downloads combined:
- Wild & Exotic Animal Wallpaper – 500,000 downloads, an adware trojan that replaces its icon and name to ‘SIM Tool Kit’ and adds itself to the battery-saving exceptions list.
- ZodiHoroscope – Fortune Finder – 500,000 downloads, malware that steal Facebook account credentials by tricking users into entering them, supposedly to disable in-app ads.
- PIP Pic Camera Photo Editor – 1 million downloads, malware masquerading as image-editing software, but which steals the Facebook account credentials of its users.
- PIP Camera 2022 – 50,000 downloads, camera effects app that is also a Facebook account hijacker.
- Magnifier Flashlight – 10,000 downloads, adware app that serves videos and static banner ads.
Unfortunately, some of the apps are still available on Google Play Store. This poses a huge threat to everyone who uses an Android device. And to add insult to injury, users are still downloading the apps despite others sharing their bad experiences on the platform.
We noticed that the comment by Reeham Mwangi clearly states that the app takes them to a Facebook Login page. This solidifies what the report by Dr. Web states. The fake camera app clearly distributes malware to hijack Facebook accounts.
New Android Malware – Google Play Hit Again
Unfortunately, it doesn’t stop with the applications we stated above. Dr. Web’s security firm reported that there exist other apps targeting different types of audiences in several countries.
The researchers found a racing game as well as a deleted image recovery tool. Not only that, but another app is targeting Russian users as it promises to give “free access” to the Only Fans platform.
When it comes to malware, being vigilant is your number one priority. You can’t go roaming around downloading apps without checking their legitimacy.
Apparently, you can’t even trust everything you find on Google Play. In this case, make sure you give the reviews a quick read before you download them. That way, you’ll at least know whether to get the app or report it, to the very least.