Cybersecurity firm Trend Micro uncovered at least 29 devious photo apps that managed to make their way onto Google Play Store and were downloaded more than 4 million times before Google removed them from its app store.
The mobile apps in question were disguised as photo editing and beauty apps purporting to use your mobile phone's camera to take better pictures or beautify the snaps you shoot, but were found to include code that performs malicious activities on their users' smartphones.
Three of the rogue apps—Pro Camera Beauty, Cartoon Art Photo and Emoji Camera—have been downloaded more than a million times each, with Artistic Effect Filter being installed over 500,000 times and another seven apps in the list over 100,000 times.
Once installed, some of these apps would push full-screen advertisements for fraudulent or pornographic content on the victim's device every time the infected phone is unlocked, and some would even redirect victims to phishing sites in an attempt to steal their personal information by tricking them into believing they have won a contest.
29 Fake Android Apps – Ones to Look Out For
Another group of camera apps that were specifically meant to beautify photos were actually found to include malicious code that uploads users' photos to an external remote server controlled by the app maker.
However, instead of displaying a final result with the edited photo, the app serves users a fake update prompt in nine different languages, which leads, again, to a phishing site.
"The authors can collect the photos uploaded in the app, and possibly use them for malicious purposes — for example as fake profile pics in social media," Trend Micro researchers wrote in a blog post.
In an attempt to hide their activities, some of these apps used various methods, including hiding the app icon from the drawer/launcher, which would make it more difficult for regular users to spot and uninstall the offending apps.
After being made aware of the malicious apps, Google removed them from its Play Store, but this is unlikely to prevent malicious apps from plaguing the Android app store in the future.
Android malware continues to evolve with more sophisticated and never-seen-before capabilities with every passing day, and spotting it on Google Play Store doesn't come as a surprise.
The best way to prevent yourself from falling victim to such fishy applications in the future is always to download apps from trusted brands only, even when downloading from the official app store.
Moreover, look at the app reviews left by other users before downloading any app and avoid those that mention any suspicious behavior or unwanted pop-ups after installing.
Last but not least, always keep a good antivirus app on your Android device that can detect and block such malicious activities before they can infect your device, and keep it up to date.