A team of cybersecurity researchers have found 35 apps that have been serving malware to millions of Android users. As per a report by Bitdefender, a Romanian cybersecurity technology company, there is a new malware campaign on the Google Play Store where a few apps have been using “false pretexts to lure victims into installing them”, then change their names, and “aggressively serve ads.” Not only are these cybercriminals monetising their presence on Google Play, but they are also disrupting the user experience and these ads can link directly to malware.
Based on the available public data, the report by Bitdefender says that these 35 malicious apps have a total of over two million downloads on Google Play Store. They first lure Android users in installing them and soon after installation, they hide their presence on the device by renaming themselves as well as changing their icons. These apps then start serving aggressive ads. Since they use a different name to confuse the user and conceal their presence, the applications are difficult to find and uninstall.
“Many legitimate apps offer ads to their users, but these ones show ads through their own framework, which means they can also serve other types of malware to their victims. Most of the time, users can choose to delete the application if they don’t like it. Users can still delete them (malicious apps) at will, but the developers make it more difficult to find them on the affected devices,” the report highlighted.
Bitdefender report says that these identified malicious apps are using a new real-time behavioural technology, which is designed to carry out dangerous practices. Without taking away the due credit of the app store doing “very good at weeding out malicious or dangerous apps”, the report says that just because an app is downloaded from the official store doesn’t mean it will be safe.
The best way to avoid being a victim is not to install apps that are not needed. You should also delete apps they are not in use, check apps that have a large number of downloads and few or no reviews, and be wary of apps that ask for special permissions or have nothing to do with access requests as compared to advertised functionality.