Skip to Content
Security & privacy

Google Play Store dangerous apps can fill your Android with malware and steal your money

Android smartphones are extremely popular. In fact, statistics show that globally, nine in 10 smartphones are running various versions of Android.

However, due to their sheer numbers, Android phones are increasingly targeted with mobile malware and these attacks are mounting fast. Although the Google Play Store is still the safest source of Android apps, rogue apps still manage to slip through the cracks, eluding Google’s screening process.

Take these recently outed apps, for example. They might all look like legitimate apps, but in reality, they are malware designed to steal your cash.

Banking Trojans in disguise

Beware! Almost 30 apps lurking within the Google Play Store have been discovered to be banking Trojan apps in disguise.

Security researchers from ESET spotted the stealthy apps on the official Android app store and they revealed that they were available from August until early October of this year. That’s more than two months they’ve evaded detection — enough time to cause damage.

Image Credit: ESET

The malicious apps were masquerading as various utilities like battery managers, device cleaners, boosters and even as daily horoscope apps. If you’ve downloaded an Android app of this sort recently, please check it against the provided list below.

Method of attack

Typically, Android banking Trojan apps are just classic phishing scams that employ overlay screens and fake login pages.

However, ESET warns that this newly discovered group of apps “belong to the category of sophisticated mobile banking malware with complex functionality and a heavy focus on stealth.”

How come? For one, aside from their ability to impersonate banking apps, these malicious apps can bypass two-factor authentication codes by intercepting and redirecting your text messages and by reading your call logs.

These Trojans can also target any apps installed on your Android phone and even install other malicious apps remotely.

Although they appear to be coming from various developers, ESET’s analysis reveals that these apps share similar code and they’re all controlled by the same command-and-control (C&C) server. This suggests that they all came from a single attacker or cybercriminal syndicate.

Once installed and launched, these Trojans will first display an error saying that they have been removed from your phone due to incompatibility.

Image Credit: ESET

But in reality, they are just concealing themselves from view and they’re still active in the background. The trojan then proceeds to download the actual banking malware on your gadget while remaining hidden.

List of malicious apps

Thankfully, all 29 of these apps have been removed from the Google Play Store and they’re no longer available for download. However, the questionable apps had been installed by almost 30,000 users before they were pulled out.

If you’ve downloaded any of the apps listed below, please uninstall them immediately!

Here’s a list of the malicious apps, courtesy of ESET:

App namePackage nameInstalls
Power Managercom.puredevlab.powermanager10+
Astro Pluscom.astro.plus0+
Master Cleaner – CPU Boosterbnb.massclean.boost5,000+
Master Clean – Power Boostermc.boostpower.lf100+
Super Boost Cleanercpu.cleanpti.clo500+
Super Fast Cleanersuper.dupclean.com500+
Daily Horoscope For All Zodiac Signsui.astrohoro.t2018100 +
Daily Horoscope Free – Horoscope Compatibilitycom.horochart.uk500+
Phone Booster – Clean Masterghl.phoneboost.com1,000+
Speed Cleaner – CPU Coolerspeeeed.cool.fh100+
Ultra Phone Boosterult.boostphone.pb1,000+
Free Daily Horoscope 2019fr.dayy.horos50+
Free Daily Horoscope Plus – Astrology Onlinecom.dailyhoroscope.free1,000+
Phone Power Boosterpwr.boost.pro1,000+
Ultra Cleaner – Power Boostua.cleanpower.boost50+
Master Cleaner – CPU Boosterbnm.massclean.boost5,000+
Daily Horoscope – Astrological Forecastgmd.horobest.ty1,000+
Speed Cleaner – CPU Coolerspeeeed.cool.gh0+
Horoscope 2018com.horo2018i.up1,000+
Meu Horóscopomy.horoscop.br1,000+
Master Clean – Power Boostermc.boostpower.cf50+
Boost Your Phoneboost.your.phone1,000+
Phone Cleaner – Booster, Optimizerphone.boost.glh1,000+
Clean Master Pro Booster 2018pro.cleanermaster.iz10+
Clean Master – Booster Probl.masterbooster.pro5,000+
BoostFX. Android cleanerfx.acleaner.e201850+
Daily Horoscopeday.horocom.ww1,000+
Daily Horoscopecom.dayhoroscope.en1,000+
Personal Horoscopehoro.glue.zodnow1,000+

Click here to read ESET’s full report.

How to delete malicious apps in Android

Although this campaign is sophisticated, ESET noted that these Trojans do not employ advanced techniques to ensure persistence on an infected Android phone. All it takes to remove these Trojans is to simply uninstall them from your gadget.

To review and remove questionable apps on Android, go to Settings >> then Apps or Application Manager. Look through the list and keep an eye out for anything that’s odd or unfamiliar.

Tap the questionable app you want to get rid of and this will open up the App Info screen. First, remove the app’s data cache by hitting “Clear Cache.” Next, delete the app’s data by tapping “Clear Data.”

Once these steps are done, click on the “Uninstall” button to remove the app.

Sometimes, sneaky app developers hide their fake apps by making their title and icons invisible. If that’s the case, look for blank spaces in your Application Manager and uninstall them as usual.

For stubborn apps that have hijacked your gadget’s administrator permissions, try removing them in Safe Mode. Unfortunately, if that doesn’t work, your only other option is to wipe your data, factory reset your device, and start over.

This is why it is also so critical to have a reliable backup service. All it would take is one nasty fake app or mobile malware and you could lose it all. To back up all your gadgets, including Android, iOS, Mac and PC devices under one account, we recommend our sponsor IDrive. Check out IDrive today and save 50% thanks to Kim!

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days