Due to their sheer numbers, Android phones are increasingly targeted with mobile malware and these attacks are mounting fast.
Although the Google Play Store is still the safest source of Android apps, rogue apps still manage to slip through the cracks, eluding Google’s screening process.
Take these recently outed apps, for example. They might all look like fun camera and photo apps, but in reality, they are malware designed to steal your information and your cash.
These photo apps are not what they seem
Google took down around 29 photo apps from the Play Store recently after it was found that they were designed to push full-screen ads (including porn), harvest personal information via fake contests and even steal personal photos and send them to the malware creators’ server.
As reported by Trend Micro, some of these apps were downloaded by millions of Android users, mostly by users in Asia, particularly in India. To avoid detection, the apps used multiple compression techniques and packers and most of them hid from the gadget’s application list when installed.
Aside from compression, the apps also did a good job of hiding the fact that they were responsible for loading ads on the infected devices by encrypting their communication with the remote servers.
For example, the fake contests forced users to click through a variety of screens before landing on the final phishing page that’s designed to steal personal information.
The camera apps, on the other hand, were made to look that they offered various filters but in reality, they stole the uploaded photos and prompted users to apply a fake update.
Three of these apps – Pro Beauty Camera, Cartoon Art Photo and Emoji Camera – have been downloaded over a million times, while 11 others were downloaded at least 100,000 times.
Here are some of the compromised apps as provided by Trend Micro:
- Art Editor
- Art Effect
- Art Effects for Photo
- Art Filter
- Art Filter Photo
- Art Filter Photo Editor
- Art Filter Photo Effcts
- Artistic effect Filter
- Awesome Cartoon Art
- Beauty Camera
- Cartoon Art Photo
- Cartoon Art Photo Filter
- Cartoon Effect
- Cartoon Photo Filter
- Emoji Camera
- Fill Art Photo Editor
- Horizon Beauty Camera
- Magic Art Filter Photo Editor
- Photo Art Effect
- Photo Editor
- Prizma Photo Effect
- Pro Camera Beauty
- Selfie Camera Pro
- Super Camera
- Wallpapers HD
How to spot malicious apps in Google Play
Although fake apps that look legitimate can sneak into the official app stores, there are typical warning signs to watch out for before you download and install.
Check reviews – According to Trend Micro, these malicious apps tried their best to look as legitimate as possible. The only way to tell them that they were fake was via user reviews.
Although fake reviews (both positive and negative) can skew the rating of an app, user comments can still provide vital information about it.
Superfluous permissions – Before you install an app, ANY app, please check all the permissions it’s asking for first. Fake apps will bombard you with a long list of permission requests so they can trick you into granting them more than what’s required. For example, if a simple camera app or a GIF creator starts asking for administrator permissions, delete it immediately!
Verify apps with Google Play Protect – Google Play Protect is security program that was rolled out to Android gadgets last year. it scans and verifies any app that is available in the Google Play Store. It will then continue scanning installed apps for any changes in behavior and warn you about any security dangers they might pose.
Even better, Google Play Protect will not only safeguard you from malicious Google Play apps but it will also monitor and scan apps downloaded from third-party sources. Click here to learn more about Google Play Protect.
How to delete fake apps in Android
To review and remove questionable apps on Android, go to Settings >> then Apps or Application Manager. Look through the list and keep an eye out for anything that’s odd or unfamiliar.
Tap the questionable app you want to get rid of and this will open up the App Info screen. First, remove the app’s data cache by hitting “Clear Cache.” Next, delete the app’s data by tapping “Clear Data.”
Once these steps are done, click on the “Uninstall” button to remove the app.
Sometimes, sneaky app developers hide their fake apps by making their title and icons invisible. If that’s the case, look for blank spaces in your Application Manager and uninstall them as usual.
For stubborn apps that have hijacked your gadget’s administrator permissions, try removing them in Safe Mode. Unfortunately, if that doesn’t work, your only other option is to wipe your data, factory reset your device and start over.