Researchers have uncovered another batch of seemingly innocent Android apps that are actually designed to deliver malware to devices (Opens in a new tab) and increase spending by unsuspecting victims.
Dr. Web Antivirus Team (opens in a new tab) discovered the latest batch that included wallpaper apps, keyboards, photo editors, video editors, and occasional cache cleaners or system maintenance apps and has over 10 million of downloads between them. .
A total of 28 apps were found on the Google Play Store, having successfully bypassed Google's strict security policies.
Hacked Android Apps
Regarding damages, the practice is more or less the same. Once installed, most apps will attempt to hide themselves, changing their appearance in the app drawer to that of a system app. In this way, they hope that users will be discouraged from uninstalling them. The apps would then send advertisements and try to enroll the victim in various premium services, in order to incur additional charges.
None of this would have been possible if users hadn't given apps the necessary permissions. Although the apps are simple in design (and actually do what they are advertised to do), they often ask users for advanced permissions, such as permission to opt out of battery saver, so they can remain operational on the go. background even when the user terminates it, which in itself is a major red flag.
Most of the apps have already been removed from the Play Store, but three remain. However, even though all the apps have been removed, they have been downloaded millions of times, and until all victims remove them from their devices, they will remain a threat.
Since malicious apps can hide in plain sight, downloading them exclusively from known sources is no longer the only advice. Users should also read reviews as they are a good indicator of the legitimacy of the apps. Also, be sure to search for a lot of reviews, as sometimes threat actors can fake some of them. If an app only has a handful of reviews, it's best to stay away.
Here is the full list of malicious apps discovered by researchers:
- Photo Editor - Beauty Filter (gb.artfilter.tenvarnist)
- Photo Editor - Retouch & Crop (de.nineergysh.quickarttwo)
- Photo Editor - Artistic Filters (gb.painnt.moonlightingnine)
- Photo Editor - Layout Creator (gb.twentynine.redaktoridea)
- Photo Editor & Background Eraser (de.photoground.twentysixshot)
- Photo and Exif editor (de.xnano.photoexifeeditornine)
- Photo Editor - Filter Effects (de.hitopgop.sixtyeightgx)
- Photo filters and effects (de.sixtyonecollice.cameraroll)
- Photo Editor: Blur Image (de.instgang.fiftyggfife)
- Photo Editor - Cut, Paste (de.fiftyninecamera.rollredactor)
- Emoji Keyboard: Stickers & GIFs (gb.crazykey.sevenboard)
- Neon Theme Keyboard (com.neonthemekeyboard.app)
- Neon Theme - Android Keyboard (com.androidneonkeyboard.app)
- Cache Cleaner (com.cachecleanereasytool.app)
- Fancy Charge (com.fancyanimatedbattery.app)
- FastCleaner: Cash Cleaner (com.fastcleanercashecleaner.app)
- Call Skins - Call Themes (com.rockskinthemes.app)
- Funny Caller (com.funnycallercustomtheme.app)
- CallMe Phone Themes (com.callercallwallpaper.app)
- InCall: Contact Background (com.mycallcustomcallscrean.app)
- MyCall - Call Personalization (com.mycallcallpersonalization.app)
- Caller theme (com.caller.theme.slow)
- Caller theme (com.callertheme.firstref)
- Funny Wallpapers - Live Wallpaper (com.funnywallpapaerslive.app)
- 4K Auto Wallpaper Changer (de.andromo.ssfiftylivesixcc)
- NewScrean - 4D Wallpapers (com.newscrean4dwallpapers.app)
- Wallpapers & Backgrounds (de.stockeighty.onewallpapers)
- Notes - Reminders & Lists (com.notesreminderslists.app)
- Stay safe by deploying next-generation firewalls (opens in a new tab) today
Via: BleepingComputer (Opens in a new tab)