Cybersecurity researchers at Dr. Web have found half a dozen hidden mobile apps on the Google Play Store, which actually distribute data stealers (opens in a new tab), adware, and other forms of malware via Android apps (opens in a new tab) that between have more than two million downloads.
The researchers found five malicious apps, including PIP Pic Camera Photo Editor, a malicious app with over a million downloads, posing as image editing software. Actually, it steals people's Facebook IDs.
Other malicious apps include Wild & Exotic Animal Wallpaper, an adware app that changes its name to SIM Tool Kit as soon as it is downloaded (500,000 downloads), ZodiHoroscope – Fortune Finder, another information-stealing app, Facebook ID (500,000 downloads) , PIP Camera 2022, which claims to be a camera effects app (Facebook data stealer with 50 downloads), and Magnifier Flashlight, an adware with 000 downloads.
Sneak into legitimate stores
At the time of publishing, these apps are still available for download on the Play Store, and judging by the reviews posted on the app repository, people are unhappy because the apps are blatantly scammy.
In addition to these five apps, the researchers found four others that are no longer available to the general public, including a racing game, an app offering recovery of deleted photos, a fake state compensation app for the Russian-speaking community, and an app that promises free access to Only Fans.
Although they may have been removed from the Play Store, people who downloaded them in the past are still at risk, until they remove them from their endpoints, using antivirus software or other malware removal solutions (opens in a new tab).
Security professionals have always explained that people should only download apps from verified sources, but the App Store or Play Store are not immune from cyber attacks. Users should always keep an eye on their devices, keep them up to date, install an antivirus solution, and monitor incoming and outgoing traffic with firewalls.
Via: BleepingComputer (Opens in a new tab)