Millions of Android users have downloaded one of 29 popular but fake photo-filter apps that pushed ads leading visitors to sites with fraudulent content and pornography.
Some of the now-removed apps, including Pro Camera Beauty, Cartoon Art Photo, and Emoji camera, were downloaded more than a million times, according to security firm Trend Micro.
They’re the latest batch of malicious apps found by third-party researchers to have sneaked past Google’s automated Play Store checks following data-stealing apps and a steady stream of adware apps.
The bad apps potentially evaded Google’s automated security checks by using packers, which compress APK files and are designed to prevent malware analysis.
So as not to raise suspicion among users, nothing seems amiss until the user attempts to delete the app. One of the apps was found to create a shortcut after launching but then hides its icon from the app list, making it more difficult to delete.
The main purpose of the apps is to push full-screen and pop-up ads in the user’s browser that encourage the user to install apps requiring payment to view content that is never delivered. However, it’s not obvious to the user that the source of the ads are the offending apps.
Other apps lured Android users with the promise of a prize, including an iPhone X, before leading the victim to a phishing page.
SEE: Cybersecurity in an IoT and mobile world (ZDNet special report) | Download the report as a PDF (TechRepublic)
Some of the apps that promised to beautify pictures also didn’t return an edited photo but merely captured the uploaded photo, which could be used to set up fake social-media profiles.
Trend Micro recommends that Android users should check Play Store user reviews before installing am app. But previously, scammers have bombarded their own apps with fake reviews.
In this case Trend Micro found many of the bad apps had a U-shape distribution of reviews with mostly 5-star and 1-star ratings. This could suggest a high number of fake reviews is combined with legitimate reviews from users reporting problems.
Trend Micro has published a full list of all malicious apps Google took down this time. The apps were downloaded in total over four million times.
The Fill Art Photo Editor offers users an ‘editing process’, center, and a fake update, right.
Image: Trend Micro
The 29 camera-beauty apps taken down by Google.
Image: Trend Micro
Previous and related coverage
This data-stealing Android malware infiltrated the Google Play Store, infecting users in 196 countries
At least 100,000 people downloaded apps distributing MobSTSPY malware, which also leverages a phishing attack to steal account credentials from victims.
Android adware has plagued the Google Play Store in the past two months
Security researchers unearth several adware campaigns distributed via apps available through the official Google Play Store.
Google announces crackdown on Play Store ratings and reviews
Company said it removes millions of Play Store reviews and ratings on a weekly basis.
Google Chrome under attack: Have you used one of these hijacked extensions?
Recent versions of several Chrome extensions have been compromised to spread malicious ads.
Android developers: Here are 4 types of apps Google just banned from the Play Store TechRepublic
Google recently updated its developer policy, here’s what Android developers need to know.
Google takes aim at imposter websites with new Chrome warning CNET
Because most people don’t notice when they’re at the wrong website.
Related Topics:
Security TV
Data Management
CXO
Data Centers