Three dozen malicious Android apps have been discovered on the Google Play Store, showing once again that downloading from a proven source is not a sufficient security practice.
Cybersecurity researchers from Bitdefender discovered a total of 35 Android apps on the Google Play Store that serve dangerous ads to their victims, and do their best to hide from users and prevent them from deleting the apps.
“If we consider available public data, malware, from GPS apps to photo editors to charging screensavers, has been downloaded more than two million times,” the researchers said. This means that the total number is probably even higher.
Hiding from users
The researchers explain that serving ads to endpoints isn’t malicious in itself, but the problem is that these apps do it through their own framework, which means that nothing is stopping them from serving more dangerous malware, or even ransomware. What’s more, if ads are presented aggressively (which they are), they also harm the user experience.
Another factor that makes these apps malicious is that they hide from victims to avoid being removed.
As soon as the victim downloads one of the malicious apps, it will change its entire appearance (both icon and name) to something else, often to something users are afraid to delete (system settings, or something along those lines).
Even though Google has revamped its Play Store checking system throughout the years, malicious developers still manage to get past the bouncer and squeeze some of their apps into one of the world’s greatest app repositories.
So researchers are suggesting that even when users want to download an app from the official Play Store, they should double-check that it has enough downloads, and enough positive reviews and comments. Threat actors can use bots to fake reviews and ratings, but they cannot do it collectively. In addition, having a mobile antivirus won’t hurt.