A new batch of malicious android apps full of adware and malware were found on the google play store that have been installed over 10 million times on mobile devices.
Reading: Android apps malware
Apps masquerade as image editing tools, virtual keyboards, system optimizers, wallpaper changers, and more. however, its underlying functionality is to deliver intrusive advertisements, subscribe users to premium services, and steal victims’ social media accounts.
The discovery of these malicious applications comes from dr. web antivirus team, which highlighted new threats in a report released today.
Google has removed the vast majority of the featured apps, but as of this writing, three apps remain available to download and install via the play store.
Also, if you installed any of these apps before removing them from play store, you will still need to manually uninstall them from your device and run an AV scan to clean up any leftovers.
the new malicious android apps
adware applications discovered by dr. web are modifications of existing families that first appeared on the google play store in May 2022.
After installation, apps request permission to overlay windows on top of any app and can be added to the battery saver’s exclusion list so they can continue running in the background when the victim closes the app.
Also, they hide their app drawer icons or replace them with something like a core system component, like “sim toolkit”.
The full list of adware apps can be found at the bottom of the article, but one notable example still on the play store is ‘neon theme keyboard’, which has over a million downloads a despite the 1.8 star rating and many negatives. reviews.
“this app ‘killed’ my phone. it kept crashing, i couldn’t even enter the password to unlock the phone and uninstall it. eventually i had to do a hard wipe (factory reset) to get the phone back!!!!” !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!
The second category of malicious apps found on the play store are prank apps, known to incur fraudulent charges on victims’ mobile numbers when subscribing to premium services.
two of the apps listed, ‘water reminder’ and ‘yoga – for beginners and advanced’, are still on the play store, with 100,000 and 50,000 downloads, respectively.
both provide the promised functionality, but also perform malicious actions in the background, interacting with invisible or unfocused elements loaded through the webview and charging users with fees.
finally, dr. web spotlights two facebook account takers spread over image editing tools that apply cartoon filters on top of regular images.
These apps are ‘youtoon – ai cartoon effect’ and ‘hint – cartoon photo effect’, which have been collectively downloaded over 1.5 million times via play store.
bleepingcomputer has contacted google about the remaining malicious apps on the play store, but has not received a response at this time.
stay safe in google play store
android malware always finds a way to infiltrate google play store and sometimes apps can stay there for several months, so you should not blindly trust any app, you can blindly trust any app.
Also, always ask yourself if the promised functionality is necessary for you, as keeping the number of apps on your phone to a minimum is a reliable way to reduce the chances of malware infections.
Finally, make sure play protect is enabled on your device and regularly monitor your internet data and battery consumption to identify any suspicious processes running in the background.
As stated above, users should also check if they have any of the following android adware apps installed on their devices and if found, remove them manually and scan for viruses.
- photo editor: beauty filter (gb.artfilter.tenvarnist)
- photo editor: retouch & cutout (de.nineergysh.quickarttwo)
- photo editor – art filters (gb.painnt.moonlightingnine)
- photo editor – layout maker (gb.twentynine.redaktoridea)
- photo editor & background eraser (de.photoground.twentysixshot)
- photo & exif editor (de.xnano.photoexifeditornine)
- photo editor – filter effects (de.hitopgop.sixtyeightgx)
- photo filters & effects (de.sixtyonecollice.cameraroll)
- photo editor: blur image (de.instgang.fiftyggfife)
- photo editor: cut, paste (de.fiftyninecamera.rollredactor)
- emoji keyboard: stickers & gif (gb.crazykey.sevenboard)
- neon keyboard theme (com.neonthemekeyboard.app)
- neon theme – android keyboard (com.androidneonkeyboard.app)
- cash cleaner (com.cachecleanereasytool.app)
- fancy loading (com.fancyanimatedbattery.app)
- fast cleaner: cash cleaner (com.fastcleanercashecleaner.app)
- call skins: call themes (com.rockskinthemes.app)
- funny caller (com.funnycallercustomtheme.app)
- callme phone themes ( com.callercallwallpaper.app)
- incoming call: contact wallpaper (com.mycallcustomcallscrean.app)
- mycall – call personalization (com.mycallcallpersonalization.app)
- caller theme (com.caller.theme.slow)
- caller theme (com.callertheme.firstref)
- funny wallpapers – live wallpaper (com.funnywallpapaerslive .app)
- 4k wallpaper auto changer (from.andromo .ssfiftylivesixc c)
- newscrean: 4d wallpapers (com.newscrean4dwallpapers.app)
- wallpapers & backgrounds (de.stockeighty.onewallpapers)
- notes – reminders and lists (com.notesreminderslists.app)