Researchers from the Cybersecurity department at Dr. Web have discovered more than a dozen mobile applications that are available within Google’s Play Store and are actually distributed info stealers(opens with the new window), adware, and various other types of malware through Android(opens in a new tab) apps that between them are more than two million downloads.
The researchers have identified five malware-infected apps that are a threat, including PIP Pic Camera Photo Editor an app that is malicious that has over 1 million downloads. It pretends to be software for editing images. It actually steals the Facebook login credentials of users.
Other harmful applications comprise Wild & Exotic Animal Wallpaper, an adware application that changes its name with SIM Tool Kit, as soon as the app is downloaded (500,000 downloads) ZodiHoroscope – Fortune Finder, another Facebook credential-stealing application (500,000 downloads), PIP Camera 2022 that pretends to be an app for camera effects (Facebook info stealer that has 50k downloads) as well as Magnifier Flashlight Adware that has 10,000 downloads.
Sneaking into legitimate stores
As of press time at press time, these apps were accessible for download from the Play Store, and judging by the reviews on the app store, people aren’t pleased, since the apps appear to be fraudulent.
In addition to these five apps researchers discovered four others that are no longer accessible to the general population, such as racing games as well as an app that provides the ability to retrieve deleted photos as well as a fake state-funded compensation application for Russian-speaking communities and an app that promises to give free access to only Fans.
Although these might be deleted from Play Store, people that have downloaded them previously remain at risk until they get them removed from their computers, employing antivirus software, or any other malware(opens in a new window)-removing solutions.
Security professionals have always been vocal that users should only download apps from reputable sources. However, the App Store and the Play Store, are not protected from cyberattacks.
The users should be on top of their devices, ensuring they are up-to-date and having an antivirus program installed, and observing incoming and outgoing connections with firewalls.