Beware! Sneaky Malware Found On These 35 Android Apps

/ Hotstar / By
Hotstar in UAE
Hotstar in UAE

There’s a new Android malware campaign in town. Researchers at Bitdefender have identified 35 apps that are part of this campaign. The apps use false pretexts to lure users into installing them and change their name and icon upon installation to sneakily serve aggressive ads. They total over two million downloads on the Google Play Store.

This Android malware campaign has already raked in two million downloads

According to the new research report, one of the apps is listed with the title “GPS Location Maps” on the Play Store and has over 100k downloads. Unsuspecting users download it hoping it to serve some sort of navigation-related functionality. However, upon installation, the app changes its name to “Settings” and takes up an icon identical to the system Settings app. It then starts showing web pages and aggressive ads, hampering the user experience.

Some malware apps request permission to bypass the battery optimization feature after installation. If approved, they can leverage foreground services to stay alive. You cannot kill them when closing all active apps. A few of them even ask for permission to display over other apps. This may enable the threat actors to simulate user clicks and make money through ads, the researchers speculate.

Since the apps use fake names and icons, it’s difficult for users to catch them. Of course, if you have two Settings icons on your app drawer, you’d suspect that one may be fake. But the actors behind this malware campaign have already thought of it and equipped the app with a trick to ensure that it doesn’t get caught. When you launch the app, it opens in “0” size in the corner of the screen and launches the system Settings app. This tricks users into thinking that the app isn’t fake.

Another trick employed by these apps to avoid detection is by hiding themselves from recent apps. They don’t show up in the list of the recently used apps on your phone. So you can’t catch them by checking all the active apps. As the researchers say (via), the developers of these apps have “added heavy code obfuscation and encryption in order to make reverse engineering difficult”.

Delete these 35 apps immediately

As said earlier, researchers at Bitdefender could identify 35 Android apps as part of this malware campaign. Along with the aforementioned GPS Location Maps, the list also includes the following apps. Google seems to have removed these apps from the Play Store. But with two million installs already, some users may still have them on their phones. Check the list of your installed apps and see if you have any of these. If you do, remove them immediately.

  • Personality Charging Show
  • Image Warp Camera
  • Animated Sticker Master
  • GPS Location Finder
  • Walls light – Wallpapers Pack
  • Big Emoji – Keyboard
  • Grad Wallpapers – 3D Backdrops
  • Engine Wallpapers – Live & 3D
  • Stock Wallpapers – 4K & HD
  • EffectMania – Photo Editor
  • Art Filter – Deep Photoeffect
  • Fast Emoji Keyboard
  • Create Sticker for Whatsapp
  • Math Solver – Camera Helper
  • Photopix Effects – Art Filter
  • Led Theme – Colorful Keyboard
  • Keyboard – Fun Emoji, Sticker
  • Smart Wifi
  • My GPS Location
  • Art Girls Wallpaper HD
  • Cat Simulator
  • Smart QR Creator
  • Colorize Old Photo
  • Girls Art Wallpaper
  • Smart QR Scanner
  • Volume Control
  • Secret Horoscope
  • Smart GPS Location
  • Sleep Sounds
  • QR Creator
  • Media Volume Slider
  • Secret Astrology
  • Colorize Photos
  • Phi 4K Wallpaper – Anime HD

2022-08-22 15:10:02