The existence of malicious apps on the Android Play Store is now becoming the new normal. Though, not desirable. Still, it’s good that researchers keep on assisting Google in maintaining security by highlighting such apps. Once again, researchers discovered a number of malicious Android apps that delivered adware to users.
Android Apps Delivered Adware
Recently, the research team from Wandera discovered two Android apps on the Play store that delivered adware. Both the apps looked legit and had a massive user-base. The researchers have shared their discovery in detail in a blog post.
elaborating on their discovery, the researchers mentioned that they noticed two camera applications on Android with malicious behavior. They have identified these apps as ‘Sun Pro Beauty Camera’ with over a million downloads, and ‘Funny Sweet Beauty Selfie Camera’ with over 500,000 downloads.
While testing the apps on a Android 5.1.1 device, the researchers noticed that both the apps barraged users with ads. Following the installation process, the apps would create a shortcut and remove themselves from the app drawer. Then, these apps would show full-screen ads on the device’s screen. A user could not get rid of these ads as the apps continued to run actively in the background even after uninstalling the shortcut.
Apart from delivering adware, both the Android apps demanded unnecessary device permissions. Specifically, the Sun Pro Beauty Camera asked permission to record audio without user consent, create a shortcut (stealth behavior), and trick users by overlapping data via system alert windows. Whereas, Funny Sweet Beauty Camera sought permissions to record audio without consent at any time, activate app after device boot, and overlap other apps by displaying system alert windows.
Google Removed Malicious Apps
The researchers prompted Google about these apps on September 11, 2019. Following their report, Google has removed both the apps from the Play Store.
However, since both the apps seemed to have a huge userbase (despite negative reviews), it is possible that apps could still be running on many devices. Therefore, the users of any of these apps must ensure removing these apps from their system. They might even need to factory reset their phones to do so. Yet, it is still better than continuing to be a victim of malware attack.
Let us know your thoughts in the comments.