Security researchers have discovered several Android apps that contain malware. Still available on the Google Play Store, they have been downloaded over two million times. Be wary.
Last month, Dr. Web’s team of security researchers discovered several infected Android apps, some of which are still available for download from the Google Play Store. Downloaded more than two million times, these applications are infected with various types of malware.
Dr. Web has thus identified several applications containing malware used to display very intrusive advertisements, as well as Trojans intended to steal the login credentials of Facebook users.
Here is the list of offending apps:
- Wild and exotic animals background, downloaded more than a million times. The application changes its icon to try to be invisible to the user and also changes its name to SIM Tool Kit. The app asks the user for permission to be out of the list of apps disabled by the battery saver. It then takes care of displaying advertisements on the device screen even if you haven’t used the app for a long time.
- Flashlight with magnifying glass, hides another advertising trojan that periodically displays video ads and banners. Like the previous application, it tries to go unnoticed by hiding its icon from the list of installed applications as well as from the home screen.
- PIP Pic Camera Photo Editor, an image editor downloaded more than a million times, carries with it a Trojan intended to steal your Facebook login credentials. The application is obviously still available on the Play Store
- PIP camera 2022, a camera application downloaded more than 50,000 times and which again embeds a virus responsible for stealing your Facebook login credentials. The application is, once again, still available for download.
- Camera photo editor And Light exposure photo editor, two image editing apps, have re-installed malware with the aim of stealing your Facebook login credentials. Both of these apps appear to have been removed from the Play Store.
- Zodi Horoscope – Seek lucka horoscope app downloaded over 500,000 times and still available on the Google Play Store, also installs a virus that can steal your Facebook credentials.
These rogue applications, under the pretext of allowing you to unlock additional features, ask you to log into your Facebook account. They take advantage of this to send your connection identifiers and passwords to the hackers who developed them.
Dr. Web’s security researchers have also identified new malware that is hidden in several applications and whose goal is to get you to sign up for a paid subscription to mobile services. These Trojans are hidden in different applications:
- Recoverya data recovery app, now removed from the Play Store.
- Driving a real racea car racing game, removed from the Play Store
- Компенсация НДСan application aimed at the Russian public and which made it possible to search for information on social assistance in the country.
The hackers also came up with a fake OnlyFans app called “Only Fans App OnlyFans Android” which was supposed to allow users free access to paid OnlyFans profiles and private profiles.
Users were in fact asked to answer a questionnaire and perform actions such as downloading certain applications in exchange for this famous free access. In reality, they got nothing as it was the hackers who reaped the rewards from the affiliate services used for this scam.
If you have or think you have downloaded one or more of the above applications, do not wait and uninstall them as soon as possible from your Android smartphone.