In a recent revelation by Bitdefender, a significant number of malicious applications have been identified on the Google Play Store, contributing to an extensive ad fraud scheme. While seemingly innocuous, apps like QR code scanners, wallpaper creators, and simple games can harbor hidden dangers. These deceptive applications may function normally but can jeopardize user data and privacy, inundating devices with intrusive full-screen advertisements.
Bitdefender’s IAS Threat Lab initially uncovered over 180 malicious apps, but further investigation revealed a total of at least 331 harmful applications, collectively downloaded more than 60 million times from the official Android app store.
Avoid these apps at all costs
Fortunately, many of these malicious apps have already been removed from the Play Store. However, a Bitdefender spokesperson shared a list of apps that remain available at the time of writing:
- ShapeUp – 100k downloads
- Beautiful Day – 5k downloads
- Destiny Book – 10k downloads
- Dropo – 10k downloads
- Handset Locator – 50k downloads
- Body Scale – 500k downloads
- Cache Sweep TEL: Clean – 100k downloads
- Five in a Row – 100k downloads
- Massm BMI – 500k downloads
- Water Note – 50k downloads
Users are advised to steer clear of these applications. For those who may have inadvertently installed any of the other 300+ malicious apps, manual removal will be necessary. A comprehensive list of URLs and package names is available on Bitdefender’s blog for reference.
Enabling Google Play Protect, the built-in security feature on most Android devices, can provide alerts if any of these harmful apps are detected on your phone.
Bypassing Android security
Bitdefender’s research indicates that the majority of these malicious apps first appeared on the Play Store in the third quarter of the previous year. Some apps, however, were uploaded earlier without malicious components, only to be compromised later. This ongoing campaign has seen new apps, such as Dropo and Handset Locator, uploaded as recently as this month, although they are expected to be removed shortly.
What sets this batch of malicious apps apart is their ability to circumvent the security measures inherent in Android 13. They can initiate without user interaction, a feat that should not be possible under normal circumstances. Furthermore, the cybercriminals behind this campaign have devised methods to conceal app icons within the operating system’s launcher, a feature restricted in newer Android versions.
Once installed, these malicious apps can display unsolicited advertisements over other applications and may not require any permissions that would typically allow such behavior. In addition to ad spamming, some of these apps are capable of launching phishing attacks aimed at extracting sensitive information, including passwords and credit card details, by directing users to fraudulent websites.
How to stay safe from malicious apps
Even with diligent caution and reliance on official app stores, users can still inadvertently download harmful applications, as evidenced by the millions affected by this recent campaign. To mitigate risks, it is advisable to limit the number of apps installed on your device. A smaller selection reduces the likelihood of downloading a malicious app or being caught off guard by a previously trusted app turning rogue.
Before downloading a new app, consider whether it is truly necessary. Often, existing applications or online tools can fulfill the same needs. If you decide to proceed with an installation, scrutinize the app’s ratings and reviews, as Android users typically voice concerns about suspicious activities. Given that ratings can be manipulated, seeking external reviews or video demonstrations can provide additional assurance before installation.
While Google Play Protect offers a layer of security, supplementing it with a reputable Android antivirus application can enhance protection. These paid solutions are frequently updated and may detect threats that Google Play Protect might overlook.
Malicious apps pose a significant risk to the sensitive personal and financial information stored on smartphones. By exercising caution in app selection and maintaining regular updates, users can significantly reduce their vulnerability to such attacks.
