While Apple has kept relatively tight control over its App Store, Google has historically been a little looser with what it lets onto its own app storefront. Although the tech giant has made efforts recently to clean up the Play Store, there are still some bad actors getting through.
A report from cybersecurity firm Trend Micro has found a batch of 29 photo- and selfie-related apps that have all been acting maliciously towards the users that installed them. The bad behaviour ranges from money-making schemes like serving up inappropriate and fraudulent full-screen ads when users unlock their phone, to potentially more troubling activities like stealing user photos and uploading them to an external server.
What’s worse is that a majority of the apps in question have been downloaded thousands of times, and three of them have been installed over a million times each. Trend Micro states that a large number of these downloads occurred in Asia, especially India, where photo-related apps are exceedingly popular.
Some of these apps have utilized tricks to hide the app icon to make it more difficult to uninstall, and when the aforementioned pop-up ads run, there’s often no indication that the particular app is the cause of them.
The majority of the full-screen ads use typical pop-up scam tactics, with text claiming the user has won something (usually an iPhone), or in some cases posing as a commercial pornography service, but clicking through the link will lead to a phishing scam where users must enter their details to ‘claim their prize’.
Among the 29 apps that Trend Micro uncovered, another offered to beautify a user’s selfies, although once the user uploads a photo to the external server, they are then served with a fake update prompt which leads, again, to a phishing site.
The bad actor is then free to use the uploaded selfies for such nefarious purposes as fake social media profile pictures.
After being made aware of the problematic apps, Google has removed them from its Play Store. However, as with any app you’re considering installing, it’s always worth checking out the store reviews to see if any other users have found them exhibiting suspicious behavior.
Below is the list of the malicious apps discovered by Trend Micro, appearing from most to least downloaded:
While it may go without saying, if you have any of the above apps installed then it’s recommended you remove them immediately.
One the New England Patriots’ Boeing 767-300ER jets. AP/Eric Gay On Sunday, the New England Patriots and the Los Angeles Rams will meet in Atlanta for Super Bowl LIII. The Rams flew to Atlanta on board a chartered American Airlines jet. The New England Patriots, on the other hand, flew in on board its private...
Protein is what’s for dinner, but only if the world’s biggest food companies can keep up. The rise in global appetites for everything from meat to beans and peas is creating what experts call a “perfect storm” for environmental concern, as farmers must increasingly crank out more food with less land and water. A new...