Cybersecurity researchers have found a new list of malicious Android apps on the Google Play Store. These 10 rogue applications that were caught containing data-stealing malware and adware have even been downloaded up to two million times.
Phones that have been infected with adware usually display annoying and unwanted advertisements. It seems not so dangerous, but this practice makes the cellphone battery wasteful, heats up quickly, and even sucks up data quota and credit.
Meanwhile, data stealing malware is more dangerous. This malware can steal credentials for sites that users frequently visit, including social media accounts and online bank accounts.
Security analyst at Dr. The Web reports that apps containing adware and data-stealing malware were among the most dangerous threats to Android users discovered in May 2022.
One of the most vicious applications is spyware that can steal information from other application notifications, especially to steal one time password (OTP) codes which are then used to hack social media accounts or bank accounts.
Of the many rogue applications that managed to infiltrate the Play Store, there are five applications that are currently still available and have not been kicked out by Google, namely:
PIP Pic Camera Photo Editor: 1 million downloads, malware that disguises itself as a photo editing app but actually steals users' Facebook account credentials
Wild & Exotic Animal Wallpaper: 500,000 downloads, adware trojan that changed its icon and name to 'SIM Tool Kit' and put itself on the battery saver exclusion list
ZodiHoroscope: 500,000 downloads, malware that steals Facebook account credentials by tricking users into entering them themselves with the lure of removing ads in apps
PIP Camera 2022: 50,000 downloads, camera effects app that can also hijack Facebook accounts
Magnifier Flashlight: 10,000 downloads, adware application that displays advertisements in the form of static and video.
It's not yet known whether Google hasn't cracked down on these rogue apps, or whether the developers have removed the malicious code and re-registered it on the Play Store. But judging by the recent user reviews, it looks like those apps are still quite dangerous and don't provide the functionality offered.
Another rogue app discovered by Dr's team. The web includes racing games (Driving Real Race), data recovery applications (Recovery), government assistance information applications for Russian users (Компенсация ), and applications that offer free OnlyFans access (Only Fans App OnlyFans Android).
The four applications above have been kicked from the Google Play Store, but users who have already downloaded them are advised to immediately delete them and scan their devices using an antivirus application to clean the remnants of malware, as quoted from Bleeping Computer, Wednesday (15/6/2022).
Researchers from Cyble also found an application containing a banking trojan called Hydra circulating on the Play Store. This application seems to be targeting online banking users in Europe.
This malware masquerading as a PDF application has been downloaded more than 10,000 times. Cyble said the app was still on the Play Store until June 9, 2022, but has now been removed by Google. However, those PDF apps are still available on third-party stores like APKAIO.com and APKCombo.com, so users should still be careful.