deceptive apps Archives

AppWizard

May 9, 2026

Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

Cybersecurity researchers from ESET have discovered 28 fraudulent applications on the Google Play Store that falsely claimed to provide access to call histories for any phone number. These apps have been downloaded over 7.3 million times, with one app alone accounting for over 3 million downloads. The operation, named CallPhantom, primarily targeted Android users in India and the Asia-Pacific region. Users were lured into subscription services, paying for access to fictitious data, including call histories and SMS records, but received only randomly generated information. Some apps were published under the developer name "Indian gov.in" to create a false sense of trust. Payments were processed through the Google Play Store or third-party applications like Google Pay and Paytm. Users who subscribed via Google Play may be eligible for refunds, while those who used third-party payment methods may not be able to recover their funds. The fraudulent activity may have been ongoing since at least November 2025.

AppWizard

May 8, 2026

Scam Android apps on Google Play got millions of downloads from a creepy pitch

Researchers uncovered a scam involving 28 fraudulent applications on the Google Play Store, collectively called "CallPhantom," which garnered over 7.3 million downloads. These apps promised access to call logs, SMS records, and WhatsApp history for any phone number, but users received fabricated data after paying a fee. The apps varied in appearance but shared a common strategy of generating random phone numbers and pairing them with pre-existing names and call details. Some requested email addresses to send the 'retrieved' history, but none had the necessary permissions to access the claimed data. Payment methods included Google Play’s official billing system and third-party platforms, with some apps misleading users into staying on subscription screens. ESET reported these apps to Google on December 16, leading to their removal from the Play Store.

AppWizard

February 10, 2026

Android users warned about new bug that steals private data – which apps to delete

The Arsink malware is an Android Remote Access Trojan (RAT) that exfiltrates sensitive information while granting remote control to its operators. It has impacted over 45,000 devices in 143 countries, including the UK. Arsink lures users to download deceptive "pro" versions of popular applications, often promoted on social media instead of the Google Play Store. Once installed, it can access text messages, emails, call logs, contacts, microphone recordings, photos, location data, and more. The malware also allows hackers to control device features such as using the torch, playing audio, making calls, and changing settings. It hides its icon, runs a persistent foreground service, and generates notifications to avoid detection. Users are advised to remove any "pro" versions of well-known apps like Google, YouTube, WhatsApp, Instagram, Facebook, and TikTok that are not from the official Google Play Store.

AppWizard

December 17, 2025

Google warns all Android users to delete ‘fake apps’ as urgent advice issued

Android users are warned about fraudulent VPN applications that pose significant security threats by installing malware on devices and compromising personal and banking information. These malicious apps mimic reputable VPNs and use enticing advertisements to lure users. Once installed, they can introduce various forms of malware, including trojans and remote access tools, leading to severe consequences such as unauthorized access to personal accounts and financial loss. Cybercriminals employ sophisticated tactics, including professional advertising and AI-generated content, to create an illusion of legitimacy. Google advises users to download VPN services only from trusted sources, look for the verified VPN badge on the Google Play Store, and be cautious of free VPN services that may collect excessive data or contain malware.

AppWizard

November 26, 2025

Android users warned to delete these fake apps after Google alarm

Android users are facing a threat from counterfeit VPN applications that disguise themselves as privacy-enhancing tools but contain malware capable of compromising personal information and security. These fake VPNs mimic reputable brands and use misleading advertisements to appear legitimate. Once installed, they can steal passwords, messages, and financial data, and may even lock devices with ransomware. Google advises users to download VPNs only from trusted sources, look for verification badges, review app permissions, be cautious of free offers, research developers, and avoid scare tactics in marketing. Legitimate VPNs should not request access to personal contacts or photos and should only require network-related permissions.

AppWizard

November 14, 2025

Google warns Android users: Don’t install these apps on your phone!

Google has warned Android users to be cautious when downloading applications from the Google Play Store, particularly those pretending to be VPN services, as they may contain malware. This warning is prompted by new age verification laws in the UK and Italy, which have led minors to seek VPN apps to bypass adult content restrictions, creating an opportunity for cybercriminals to offer fake VPN services. These fraudulent apps can deploy various types of malware, including info-stealers and banking trojans, compromising personal data and financial credentials. Google highlighted that threat actors use sophisticated advertising strategies to distribute these malicious applications, often impersonating trusted brands or using social engineering tactics. To protect against these threats, users are advised to download VPN services only from reputable sources, avoid apps promoted through ads, and pay attention to app permissions. Google Play Protect and a special VPN badge can help identify legitimate apps.

AppWizard

August 30, 2025

Check your Android apps

Google has removed 77 malicious applications from the Play Store that had a total of 19 million installations. These apps, which appeared to be harmless tools or photo editing software, contained spyware, malware, and trojans capable of stealing personal information and draining bank accounts. Users are advised to review and uninstall suspicious apps and consider installing security software.

AppWizard

August 26, 2025

Dangerous Android banking trojan found lurking in malicious apps with 19 million installs — don’t fall for this

Zscaler’s ThreatLabs team discovered 77 malicious applications on the Google Play Store that accumulated 19 million downloads. These apps, disguised as utilities like PDF readers and flashlight tools, used fake reviews and misleading ads to attract users. Upon installation, they would download a malicious payload, including the Anatsa banking trojan, which overlays fake login screens to steal user credentials. Additionally, the Joker malware was found in 25% of these apps, capable of taking screenshots, accessing device information, and signing users up for premium services without consent. Users are advised to limit app installations, scrutinize reviews, activate Google Play Protect, and consider antivirus applications for enhanced security against malware.

AppWizard

July 30, 2025

Google Urges Android Users to Quickly Delete These Apps from Their Phones!

A recent alert has been issued for Android smartphone users about malicious applications found on the Google Play Store that pose significant risks to user security and personal data. Cybersecurity firm Cyble has identified over twenty deceptive apps, many mimicking well-known wallet and cryptocurrency applications, which redirect users to phishing sites that collect sensitive information, including banking and cryptocurrency credentials. Users are advised to uninstall specific harmful apps such as Pancake Swap, Suiet Wallet, Hyperliquid, Raydium, BullX Crypto, OpenOcean Exchange, Meteora Exchange, SushiSwap, and Harvest Finance Blog. Google recommends using the “Play Protect” feature to scan downloaded apps for safety.

AppWizard

July 24, 2025

Over 250 malicious apps found targeting Android users in worrying attack – here’s how to stay safe

Researchers from Zimperium zLabs have discovered an extortion scheme involving over 250 fraudulent dating applications targeting Android users. These apps request extensive permissions to steal sensitive personal files, threatening victims with the release of their private information unless they comply with extortion demands. Many of the associated domains have been indexed by search engines, making it difficult for users to identify the apps as fraudulent. None of the identified apps were available on the official Google Play Store or Apple App Store. Users are advised to be cautious when downloading apps from unfamiliar sources, review permissions regularly, and consider installing mobile security solutions.