Check your phone! 90 malicious apps with millions of downloads spotted
Cyberattacks come in many forms, and some allow hackers to take control of your phone. Others steal personal information or sign you up for subscription services that are difficult to cancel. It’s not easy to tell if your phone’s been compromised. Is someone watching everything you do? Tap or click here for some tips for diagnosing a hacked phone.
This past summer, we reported on hundreds of apps being removed from the Google Play Store and Apple’s App Store. And as we get into autumn, there’s no sign that things will change.
Cybersecurity researchers uncovered about 90 malicious apps downloaded over 13 million times. We’ll show you how these dangerous apps operate and ways to avoid them.
This is no game
A Satori Threat Intelligence and Research Team report shows an alarming new crop of bad Android and iOS apps. These apps are an offshoot of the Poseidon advertising fraud that the team first discovered in 2019.
This latest adaptation of Poseidon, dubbed Scylla, uses new techniques and better keeps the culprits behind the apps safe from discovery. The apps consist of games, but there’s no fun to be had here.
Scylla’s weapon of choice is advertising fraud. Here are its methods of attack:
- App spoofing: The app not only fools the people who download it, but it tricks advertisers into thinking it’s a different type of application so that they place ads within it. For example, the malicious app pretends to be a very popular tool or masquerades as a streaming app to attract ad revenue. In this case, the Scylla apps contained code that pretended to be other, legitimate games.
- Out-of-context ads: Ads are shown unexpectedly, such as on your home screen. In the case of Scylla, apps could trigger by an action as simple as unlocking your phone.
- Hidden ads: These are ads you don’t see, though the app counts them as having been “viewed,” so the cybercriminals can make more money off the companies that placed the ads. The app tells advertising platforms that it has displayed an ad to the user without having ever actually done so.
- Fake clicks: Advertisers place great value on clicks, and the crooks know this. Code within the Scylla apps takes the information of your actual clicks (or taps, in the case of mobile phones) and relays that information to advertisers as ad clicks.
The Satori team has worked closely with the Google Play Store and Apple App Store to ensure that all of the apps identified as part of the Scylla operation have been removed.
If you have any of the apps we’ve listed in the following tables, remove them right now.
Remove these malicious apps from your iPhone
App name | File name |
Loot the Castle | com.loot.rcastle.fight.battle (id1602634568) |
Run Bridge | com.run.bridge.race (id1584737005) |
Shinning Gun | com.shinning.gun.ios (id1588037078) |
Racing Legend 3D | com.racing.legend.like (id1589579456) |
Rope Runner | com.rope.runner.family (id1614987707) |
Wood Sculptor | com.wood.sculptor.cutter (id1603211466) |
Fire-Wall | com.fire.wall.poptit (id1540542924) |
Ninja Critical Hit | wger.ninjacriticalhit.ios (id1514055403) |
n/a | com.TonyRuns.game (n/a) |
Here’s how to delete an app from your iPhone:
- Touch and hold the app.
- Tap Remove App
- Tap Delete App, then tap Delete to confirm.
IMPORTANT: New iPhone and Android security features to turn on
Remove these malicious apps from your Android phone
App name | File name |
Super Hero-Save the world! | com.asuper.man.playmilk |
Arrow Coins | com.arrow.coins.funny |
Parking Master | com.ekfnv.docjfltc.parking.master |
Lady Run | com.lady.dress.run.sexylady |
Magic Brush 3D | com.magic.brush.gamesly |
Shake Shake Sheep | com.shake.earn.sheep.causalgame |
Number Combination: Colored Chips | com.yigegame.jyfsmnq.gg |
Jackpot Scratcher-Win Real | com.physicswingsstudio.JackpotScratchers |
Scratch Carnival | com.scratchers.jackpot.luckypiggy |
Ztime:Earn cash rewards easily | com.pocky.ztime |
Billionaire Scratch | com.free.tickets.scratchers.Billionaire |
Lucky Wings – Lotto Scratchers | com.free.scratchers.luckywings |
Lucky Star: Lotto Scratch | com.free.tickets.scratchers.LuckyLotto |
Shake Shake Pig | com.ldle.merge.free.coinspiggy |
Lucky Money Tree | com.ldle.merge.lucky.moneytree |
Run And Dance | com.tap.run.and.dance |
Lucky Scratchers: Lotto Card | com.lotto.bingo.lucky.scratchcard |
Pull Worm | com.pull.bugs.worm |
Crowd Battle:Fight the bad guys | com.crowd.battle.goamy |
Shoot Dummy – Win Rewards & Paypal Cash | com.shoot.dummy.fast.speed.linger |
Spot 10 Differences | com.different.ten.spotgames |
Find 5 Differences – New | com.find.five.subtle.differences.spot.new |
Dinosaur Legend | com.huluwagames.dinosaur.legend.play |
One Line Drawing | com.one.line.drawing.stroke.yuxi |
Shoot Master | com.shooter.master.bullet.puzzle.huahong |
Talent Trap – NEW | com.talent.trap.stop.all |
Shoot it: Using Gun | com.bullet.shoot.fight.gtommm.tom |
Super Flake | com.chop.slice.flake2020 |
Five-Star Slice | com.five.star.slice |
Sand Drawing | com.sand.drawing.newfight |
Mr Dinosaur: Play your Dino | com.topggame.facego.finger.crazy.dino |
Track Sliding New | com.track3d.sliding.new |
Beat Kicker New | com.beat.kicker.two.game |
Fill Color 3D | com.cube.fill.color.paint.turn.fei |
Draw Live | com.draw.live.milipop |
Draw 1 Stroke | com.draw.one.line.stroke.xipi |
Fidget Cubes | com.fidget.cubes.feel.like |
Girls Fight | com.girls.fight.fly |
Ninja Assassin | com.knifeninja.assassin.dltc |
Shooting Puzzle 2020 | com.my.bullet.shooting.man.hunter.youxi |
Pulley Parkour | com.pul.parkour.bbroller |
Chop Flake 3D | com.slice.chop.superslice3d |
Weapon Fantasy | com.weapon.fantasy.games |
Balloon Shooter | com.balloon.shooter.play |
Musical Shoot | com.ltcmusical.fun2021 |
Chop Slices | com.lvdiao.chop.slices.chef |
Ninja Slice | com.slice.masked.games |
Work Now! | com.work.now.slack |
Bottle Jump | com.bottle.jump.flip.challenge.fun |
Corn Scraper | com.corn.scraper.cut.pipe.siling |
Idle Wood Maker | com.idle.wood.maker.gametwo |
Pop Girls Schooler | com.pop.girls.schooler |
Romy Rush | com.romy.rushrun |
Spear Hero | com.spear.super.man.hero |
Dig Road Balls | com.dig.road.balls.play.games.ygygame |
BOO Popstar | com.boostar.boo.popstar |
Draw CompleteA | com.darwa.completea.ltca |
Rush 2048:3D Shoot Cubes | com.rushcube.puzzle.block |
Meet Camera | com.magicvcam.hdmeet.cam008 |
Auto Stamp Camera | com.stac.amper.qweaf |
n/a | com.find.five.differences.lvye.xsl |
n/a | com.mufc.zwxfb |
Roll Turn | com.roll.turn.song.wusi.pt |
Hiding Draw | com.hiding.drawltc.games |
Peter Shoot | com.ltc.peter.shoot.tslgame |
Design n Road | com.ltcdesign.nroad |
Draw Complete | com.ltcdraw.complete.fly |
Thief King | com.ltcking.thief.game.tsl |
Downhill Race | com.downhill.race.redbull |
Draw a War | com.draw.war.army |
Rescue Master | com.rescue.master.gear.mechanics.wushi |
Spin:Letter Roll | come.letter.roll.race |
Helicopter Attack – NEW | com.helicopter.attack.shoot.sanba |
Crush Car | com.crush.car.fly.delivery.lingjiu |
Relx cash | com.tycmrelx.cash |
War in Painting | com.painting.war.inpaper |
Bike Extreme Racing | com.bike.extreme.raceing.bikegames |
Player Spiral Maker 3D | com.player.spiral.maker.d3 |
Match 3 Tiles | com.blocks.tile.matching |
2048 Merge Cube – Win Cash | com.cube.merge.shooter |
Here’s how to delete an app from your Android phone:
- Open the Google Play Store app.
- At the top right, tap the Profile icon.
- Tap Manage apps & devices > Manage.
- Tap the name of the app you want to delete.
- Tap Uninstall.
Tips to stay safe
- Turn on Google Play Protect by heading to Google Play Store > Profile > Play Protect > Settings and turn on Scan apps with Play Protect.
- Keep your phone updated with the latest patches and fixes. We alert you to those over at Komando.com. Tap or click here to try Kim’s free email newsletters to get the alerts right to your inbox.
- Use two-factor authentication and password managers for better security. Tap or click here for details on 2FA.
- Only download apps from official app stores. Always go to the official source and double-check that you are installing the correct app.
- Watch out for apps that use a similar logo to other popular apps or have similar functions. Also, check reviews to see if others are warning about suspicious activity.
- Pay attention to permissions. Stay away if an app wants full access to your text messages or notifications.
- Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!
Keep reading
Data-hungry apps: These are the worst for your privacy
These 5 malicious Chrome extensions were installed 1.4 million times — Here’s how to delete them
Tags: Apple, newsletters