Security researchers from the firm Check Point have discovered two families of malware in apps on the Google Play Store: a new family called Haken and the resurgence of an older family called Joker.
Both families are “clicker” malware, meaning they take over users’ devices and fraudulently mimic clicks on ads. They can also access huge amounts of data, including anything displayed on screen or locally stored on a device. As well as stealing data, the malware can also sign up users for premium subscriptions they did not agree to.
According to the researchers, the apps which contained the malware appeared on the surface to be legitimate. They included camera apps and apps aimed at children, who are less able to identify the warning signs of an untrustworthy app. The eight apps in question are:
- Kids Coloring
- Compass
- qrcode
- Fruits coloring book
- Soccer coloring book
- Fruit jump tower
- Ball number shooter
- Inongdan
The researchers estimate that these eight malicious apps have been installed on over 50,000 Android devices. When considered in the context of the millions of Android users, that number is not huge. However, when considered in the context of how common malware in general is on the Play Store, the numbers tell a different story. In September last year, 25 malicious apps were discovered which had been downloaded more than 2 million times. And again in October last year, 42 malicious apps were discovered which had been downloaded more than 8 million times.
If you have any of the eight apps listed above installed on your device, then you should uninstall them as soon as possible. You should also check both your mobile phone bill and your credit card bill for any unauthorized transactions. The malware signs people up for subscriptions without their permission, so check in particular for subscriptions you did not authorize and unsubscribe from them.
The eight apps have now been removed from the Play Store, but this is a reminder to be careful when downloading Android apps as malware can be hidden in apparently legitimate-looking apps. Trusting that an app has been verified by Google because it appears on the Play Store is not enough.
“Some app developers have devised ingenious methods to conceal their apps’ true intent from Google’s scrutiny,” Check Point researchers wrote in a blog post. “Coupled with a fragmented Android ecosystem, in which a large number of device manufacturers infrequently offer critical OS updates, users cannot rely on Google Play’s security measures alone to ensure their devices are protected.”
Editors' Recommendations
- The most common Wear OS problems and how to fix them
- The best free antivirus software for 2021
- How to track an Android phone, tablet, or smartwatch
- Android vs. iOS: Which smartphone platform is the best?
- Google just added 6 great features to Android, from security to accessibility
