Google Play doesn’t exactly have a stellar reputation when it comes to providing safe and stable software. Sure, it’s the official store for apps on Android, but when the platform allows so many shady apps that contain trackers and malware, it’s hard to fully place your trust in them.
And as it turns out, yet another group of applications was discovered on the Google Play store to be hosting malware. This sneaky bit of software was designed to stay hidden and avoid detection by moderators. Once it’s activated, however, it uses the power of your phone to generate ad revenue for cybercriminals — all without the user’s permission.
If you frequently download apps to your Android device, you’ll want to know about this strange trojan that’s been infecting phones the world over. It’s already been installed on millions of devices, so we’ll guide you on what you can do if it managed to make its way on to yours.
Google Play accidentally hosts malware. Again.
According to new reports from security researchers at BleepingComputer, a mysterious trojan type malware was found to be bundled with 33 different apps on the Google Play Store — with a combined total of 100 million downloads between them. Not every app has been listed, and several have since been removed.
Click or tap here for the most complete version of the list. Keep in mind that these apps are listed by filename, so they may appear different here than they do on your device.
These apps appeared totally normal and functional at first glance. It wasn’t until after eight hours had passed that the malware dubbed “Android.Click.312.origin” would activate. Once engaged, the malware would secretly send data about the victim’s device to an unknown location before it began participating in what insiders refer to as “ad click fraud.”
Clicker Trojans, like Android.Click.312.origin, are essentially covert apps that run in the background of a phone, navigate the web and click on advertisements without the user’s permission. Usually, the ads that the trojan clicks on are owned by the trojan’s designer, which helps them generate thousands of dollars in fraudulent ad money.
Do I have an infected app on my device?
Once the apps were discovered, researchers quickly reported them to Google for removal. So, for now, you’re probably safe if you didn’t download any apps from the Play Store recently.
If you did download a third-party app from a small or independent developer, your risk is much higher. Signs that your phone might be compromised include slower running speeds, unusually high data usage and high battery temperatures.
Fortunately, even though these apps contained trojans, it’s easy to save your phone with a quick restore. This erases your phone and reinstalls the operating system with a fresh copy. Once your device is ready, you can restore your personal data from a backup and get on with your life.
Click or tap here to learn how to back up your Android device.
Alternatively, you can use a third-party to help you back up your data. For the best safety and performance, we highly recommend our sponsor, IDrive. It’s not only capable of backing up computers but Android devices as well! Best of all, it’s all cloud-based, which makes it easier to download once your phone is reset. For a limited time, Kim’s fans will receive 50% off.
Once your personal data is backed up, navigate to Settings, tap Backup & Reset, and then select Factory data reset. This will erase your phone and replace it with a fresh version of Android. For added security, it’s recommended you update to the latest version of Android as well.
When it comes to Google Play, it’s hard to give advice on how to avoid hidden malware since so many apps have been proven to contain it. One thing is for sure, though: If you stick with known or popular applications, your odds definitely improve. If a trusted brand name is behind the app, it’s usually a pretty good sign that you’re not dealing with shady activity.