New malware has been discovered on Android. 35 applications, downloaded more than two million times in all, have sneaked into the Play Store to distribute advertising at all costs on the phones of their victims.
Android is far from immune to malware. A very recent case illustrates this perfectly. Cybersecurity specialists at BitDefender have indeed identified 35 fraudulent applications distributed via the Play Store. In all, these software total more than two million downloads.
Very discreet pirate applications
The apps that are mainly used to flood infected phones with advertising all use more or less the same technique to go unnoticed. On the user side, the applications will hide their presence so as not to be uninstalled. Most change their name and logo once installed to pass themselves off as legitimate apps. The app GPS Location Map, for example, turns into a dumb “Settings” app once installed. Even more vicious, the application actually redirects to the phone’s settings, but not before launching a service in the background that allows advertising to be injected here and there into the phone. To make matters worse, pirate apps also don’t show up in the recent apps carousel.
On the Play Store side, it seems that these malware went under the radar by first uploading a very legitimate version, before injecting it with malicious code in an update. If these apps are apparently less aggressive than some others malware that steal credentials or banking information, the method used to display the advertisements also allows these applications to be a Trojan horse for others malware.
Given the number of malware discovered on Android almost every month, it is worth remembering some basic rules of technological hygiene. If an app shows a huge number of downloads but no ratings, that’s a bad sign. If the descriptions seem to be written or translated in a hurry, it is good to be suspicious as well. Also pay attention to the permissions requested by the applications you download. Finally, avoid downloading applications anywhere on the web. Even if in this case, the applications were indeed hosted on the Play Store, the Google store remains the safest place to obtain Android software.
Full list of affected apps
The complete list of applications concerned, to be removed as soon as possible from your smartphone:
- Walls light – Wallpaper Pack
- Big Emoji – Keyboard
- Grad Wallpapers – 3D Backgrounds
- Engine Wallpapers – Live & 3D
- Stock Wallpapers – 4K & HD
- EffectMania – Photo Editor
- Art Filter – Deep Photoeffect
- Fast Emoji Keyboard
- Create Sticker for Whatsapp
- Math Solver – Camera Helper
- Photopix Effects – Art Filter
- Led Theme – Colorful Keyboard
- Keyboard – Fun Emoji, Stickers
- smart wi-fi
- My GPS Location
- Image Warp Camera
- Art Girls Wallpaper HD
- Cat Simulator
- Smart QR Creator
- Colorize Old Photo
- GPS Location Finder
- Girls Art Wallpaper
- Smart QR Scanner
- GPS Location Maps
- Volume Control
- secret horoscope
- Smart GPS Rental
- Animated Sticker Master
- Personal Charging Show
- Sleep Sounds
- QR Creator
- Media Volume Slider
- secret astrology
- Colorize Photos
- Phi 4K Wallpaper – Anime HD