Cybersecurity researchers from Dr. Web have found half a dozen mobile apps lurking in Google’s Play Store, that are actually distributing inforstealers (opens in new tab), adware, and other forms of malware via Android (opens in new tab) apps that between them have more than two million downloads.
The researchers have found five malicious apps, including PIP Pic Camera Photo Editor, a malicious app with more than a million downloads, pretending to be image-editing software. In reality, it steals people’s Facebook credentials.
Other malicious apps include Wild & Exotic Animal Wallpaper, an adware app that replaces its name to SIM Tool Kit, as soon as it’s downloaded (500,000 downloads), ZodiHoroscope - Fortune Finder, another Facebook credential-stealing app (500,000 downloads), PIP Camera 2022, pretending to be a camera effects app (Facebook infostealer with 50,000 downloads), and Magnifier Flashlight, adware with 10,000 downloads.
Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.
Sneaking into legitimate stores
At press time, these apps were still available for download on the Play Store, and judging by the reviews posted on the app repository, people aren’t happy, as apps are quite obviously fraudulent.
Besides these five apps, the researchers found four more which are no longer available to the general public, including a racing game, an app that offers the recovery of deleted photos, a fake state compensation app for the Russian-speaking community, and an app that promises free access to Only Fans.
> Over a billion Google Play Store app downloads could be infected by malware (opens in new tab)
> New Google Play Store policy cracks down on call-recording apps (opens in new tab)
> The Google Play Store is littered with dangerous trojans (opens in new tab)
While these may have been removed from the Play Store, people that have downloaded them in the past are still at risk, until they remove them from their endpoints, using antivirus software, or other malware (opens in new tab)-removing solutions.
Security pros were always vocal how people should only download apps from verified sources, but the App Store, or the Play Store, are not immune to cyberattacks. Users should always stay vigilant with their devices, keeping them updated, having an antivirus solution installed, and monitoring incoming and outgoing traffic with firewalls.
Via: BleepingComputer (opens in new tab)