Share:

Share via email - Google Play Store dangerous apps can fill your Android with malware and steal your money Share on Facebook - Google Play Store dangerous apps can fill your Android with malware and steal your money Share on LinkedIn - Google Play Store dangerous apps can fill your Android with malware and steal your money Share on X - Google Play Store dangerous apps can fill your Android with malware and steal your money

Google Play Store dangerous apps can fill your Android with malware and steal your money

Google Play Store dangerous apps can fill your Android with malware and steal your money

Android smartphones are extremely popular. In fact, statistics show that globally, nine in 10 smartphones are running various versions of Android.

However, due to their sheer numbers, Android phones are increasingly targeted with mobile malware and these attacks are mounting fast. Although the Google Play Store is still the safest source of Android apps, rogue apps still manage to slip through the cracks, eluding Google’s screening process.

Take these recently outed apps, for example. They might all look like legitimate apps, but in reality, they are malware designed to steal your cash.

Banking Trojans in disguise

Beware! Almost 30 apps lurking within the Google Play Store have been discovered to be banking Trojan apps in disguise.

Security researchers from ESET spotted the stealthy apps on the official Android app store and they revealed that they were available from August until early October of this year. That’s more than two months they’ve evaded detection — enough time to cause damage.

Image Credit: ESET

The malicious apps were masquerading as various utilities like battery managers, device cleaners, boosters and even as daily horoscope apps. If you’ve downloaded an Android app of this sort recently, please check it against the provided list below.

Method of attack

Typically, Android banking Trojan apps are just classic phishing scams that employ overlay screens and fake login pages.

However, ESET warns that this newly discovered group of apps “belong to the category of sophisticated mobile banking malware with complex functionality and a heavy focus on stealth.”

How come? For one, aside from their ability to impersonate banking apps, these malicious apps can bypass two-factor authentication codes by intercepting and redirecting your text messages and by reading your call logs.

These Trojans can also target any apps installed on your Android phone and even install other malicious apps remotely.

Although they appear to be coming from various developers, ESET’s analysis reveals that these apps share similar code and they’re all controlled by the same command-and-control (C&C) server. This suggests that they all came from a single attacker or cybercriminal syndicate.

Once installed and launched, these Trojans will first display an error saying that they have been removed from your phone due to incompatibility.

Image Credit: ESET

But in reality, they are just concealing themselves from view and they’re still active in the background. The trojan then proceeds to download the actual banking malware on your gadget while remaining hidden.

List of malicious apps

Thankfully, all 29 of these apps have been removed from the Google Play Store and they’re no longer available for download. However, the questionable apps had been installed by almost 30,000 users before they were pulled out.

If you’ve downloaded any of the apps listed below, please uninstall them immediately!

Here’s a list of the malicious apps, courtesy of ESET:

App name Package name Installs
Power Manager com.puredevlab.powermanager 10+
Astro Plus com.astro.plus 0+
Master Cleaner – CPU Booster bnb.massclean.boost 5,000+
Master Clean – Power Booster mc.boostpower.lf 100+
Super Boost Cleaner cpu.cleanpti.clo 500+
Super Fast Cleaner super.dupclean.com 500+
Daily Horoscope For All Zodiac Signs ui.astrohoro.t2018 100 +
Daily Horoscope Free – Horoscope Compatibility com.horochart.uk 500+
Phone Booster – Clean Master ghl.phoneboost.com 1,000+
Speed Cleaner – CPU Cooler speeeed.cool.fh 100+
Ultra Phone Booster ult.boostphone.pb 1,000+
Free Daily Horoscope 2019 fr.dayy.horos 50+
Free Daily Horoscope Plus – Astrology Online com.dailyhoroscope.free 1,000+
Phone Power Booster pwr.boost.pro 1,000+
Ultra Cleaner – Power Boost ua.cleanpower.boost 50+
Master Cleaner – CPU Booster bnm.massclean.boost 5,000+
Daily Horoscope – Astrological Forecast gmd.horobest.ty 1,000+
Speed Cleaner – CPU Cooler speeeed.cool.gh 0+
Horoscope 2018 com.horo2018i.up 1,000+
Meu Horóscopo my.horoscop.br 1,000+
Master Clean – Power Booster mc.boostpower.cf 50+
Boost Your Phone boost.your.phone 1,000+
Phone Cleaner – Booster, Optimizer phone.boost.glh 1,000+
Clean Master Pro Booster 2018 pro.cleanermaster.iz 10+
Clean Master – Booster Pro bl.masterbooster.pro 5,000+
BoostFX. Android cleaner fx.acleaner.e2018 50+
Daily Horoscope day.horocom.ww 1,000+
Daily Horoscope com.dayhoroscope.en 1,000+
Personal Horoscope horo.glue.zodnow 1,000+

Click here to read ESET’s full report.

How to delete malicious apps in Android

Although this campaign is sophisticated, ESET noted that these Trojans do not employ advanced techniques to ensure persistence on an infected Android phone. All it takes to remove these Trojans is to simply uninstall them from your gadget.

To review and remove questionable apps on Android, go to Settings >> then Apps or Application Manager. Look through the list and keep an eye out for anything that’s odd or unfamiliar.

Tap the questionable app you want to get rid of and this will open up the App Info screen. First, remove the app’s data cache by hitting “Clear Cache.” Next, delete the app’s data by tapping “Clear Data.”

Once these steps are done, click on the “Uninstall” button to remove the app.

Sometimes, sneaky app developers hide their fake apps by making their title and icons invisible. If that’s the case, look for blank spaces in your Application Manager and uninstall them as usual.

For stubborn apps that have hijacked your gadget’s administrator permissions, try removing them in Safe Mode. Unfortunately, if that doesn’t work, your only other option is to wipe your data, factory reset your device, and start over.

This is why it is also so critical to have a reliable backup service. All it would take is one nasty fake app or mobile malware and you could lose it all. To back up all your gadgets, including Android, iOS, Mac and PC devices under one account, we recommend our sponsor IDrive. Check out IDrive today and save 50% thanks to Kim!

Tags: Android, apps, battery, devices, Google, internet, malware, phishing, security, settings