Smartphones are the perfect example of incredible technology that has changed our lives for the better. We can do so many things with these handy gadgets that you probably never dreamed of a couple decades ago. Of course, to get the most out of your device, you'll need to take advantage of some of the millions of available apps.
To be safe, we're constantly warning you to not download apps from third-party stores. With stringent safety protocols, it's more secure to get apps from Apple's App Store and the Google Play Store. Unfortunately, we've just learned that hundreds of apps found in the Google Play Store contain spyware and your gadget might be infected.
Is your gadget infected with spyware?
As we said earlier, apps found in official stores are more secure. However, researchers at Lookout recently discovered more than 500 Android apps available in the Google Play Store that contain spyware. And it's extremely widespread, as the malicious apps have been downloaded over 100 million times.
Many app developers don't write every piece of code that is used in their app. They will purchase a software development kit (SDK), which is pre-written, pre-packaged code that allows your app to perform certain tasks. It's easier for app developers to use SDKs than write the entire code from scratch.
What's happening now is, some versions of an advertising SDK dubbed lgexin are infecting apps with spyware after they are installed. It does this by downloading malicious plugins while the app is being used.
Once the malicious plugins are installed, third parties are able to load new code onto the user's gadget. This code would allow them to track the user's phone records, numbers they dial, numbers calling you and such.
What you need to do
Unfortunately, there isn't a list of affected apps that we can share with you at this time. We do know that apps containing the SDK include games targeted at teens, photo editors, weather apps, internet radio and more.
The good news is Google has been made aware of the situation and has either removed the impacted apps from its Play Store, or has sent updates for the apps that will remove the spyware.
So it's critical that you update all of your apps immediately!
Google is also asking Android users to follow these steps to stay protected from malicious apps:
- Opt in to Google Play Protect - It is designed to work in the background, protecting users from malicious apps in real time. Click here to learn more about it and how to opt in.
- Only download apps from the Google Play Store - Even though some malicious apps make it into the Play Store, it does have a more thorough screening process. This cuts down on the chances a malicious app makes it in. Third-party app stores don't have these screening processes.
- Keep "unknown sources" disabled while not using it.
- Make sure your gadget is updated with the most recent Android security update.
- Check the app's developer - Verifying the name of the app developer is important. Copycat apps will have a different developer's name than the actual one. Before downloading an app, do a Google search to find the original developer.
- Reviews - Most of the popular apps will have reviews by other users in the app store. You can sometimes find reviews by experts online. These are helpful at pointing out malicious or faulty apps. If you find a review warning the app is malicious, do NOT download it.
If you do think that your Android device has been infected with a virus, don't worry, we've got you covered. Click here to find out how to detect and remove a virus on your Android gadget.