Skip to main content

Delete these eight malware-ridden Android apps immediately

Security researchers from the firm Check Point have discovered two families of malware in apps on the Google Play Store: a new family called Haken and the resurgence of an older family called Joker.

Both families are “clicker” malware, meaning they take over users’ devices and fraudulently mimic clicks on ads. They can also access huge amounts of data, including anything displayed on screen or locally stored on a device. As well as stealing data, the malware can also sign up users for premium subscriptions they did not agree to.

According to the researchers, the apps which contained the malware appeared on the surface to be legitimate. They included camera apps and apps aimed at children, who are less able to identify the warning signs of an untrustworthy app. The eight apps in question are:

  • Kids Coloring
  • Compass
  • qrcode
  • Fruits coloring book
  • Soccer coloring book
  • Fruit jump tower
  • Ball number shooter
  • Inongdan

The researchers estimate that these eight malicious apps have been installed on over 50,000 Android devices. When considered in the context of the millions of Android users, that number is not huge. However, when considered in the context of how common malware in general is on the Play Store, the numbers tell a different story. In September last year, 25 malicious apps were discovered which had been downloaded more than 2 million times. And again in October last year, 42 malicious apps were discovered which had been downloaded more than 8 million times.

If you have any of the eight apps listed above installed on your device, then you should uninstall them as soon as possible. You should also check both your mobile phone bill and your credit card bill for any unauthorized transactions. The malware signs people up for subscriptions without their permission, so check in particular for subscriptions you did not authorize and unsubscribe from them.

The eight apps have now been removed from the Play Store, but this is a reminder to be careful when downloading Android apps as malware can be hidden in apparently legitimate-looking apps. Trusting that an app has been verified by Google because it appears on the Play Store is not enough.

“Some app developers have devised ingenious methods to conceal their apps’ true intent from Google’s scrutiny,” Check Point researchers wrote in a blog post. “Coupled with a fragmented Android ecosystem, in which a large number of device manufacturers infrequently offer critical OS updates, users cannot rely on Google Play’s security measures alone to ensure their devices are protected.”

Editors' Recommendations

Georgina Torbet
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
Is macOS more secure than Windows? This malware report has the answer
A person using a laptop with a set of code seen on the display.

It’s a long-held belief that Macs are less at risk of malware and viruses than Windows PCs, but how true is that? Well, a new report has shed some light on the situation -- and the results might surprise you.

According to threat research firm Elastic Security Labs, roughly 39% of all malware infections happen on Windows PCs. In good news for Apple fans, only 6% of breaches occurred on macOS, making Mac systems far less vulnerable than their Windows counterparts.

Read more
Beware: many ChatGPT extensions and apps could be malware
OpenAI's ChatGPT blog post is open on a computer monitor, taken from a high angle.

ChatGPT fever has overtaken the internet, and rightly so since it's such a powerful new tool. Unfortunately, the most sought-after content is often fertile ground for hackers and scammers.

In a recent video, cybersecurity-focused YouTuber John Hammond warned that many ChatGPT extensions and apps could contain malware. It's a valid point, and we should all use caution when installing desktop browser add-ons and mobile apps.

Read more
This Mac malware can steal your credit card data in seconds
Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Despite their reputation for security, Macs can still get viruses, and that’s just been proven by a malicious new Mac malware that can steal your credit card info and send it back to the attacker, ready to be exploited. It’s a reminder to be careful when opening apps from unknown sources.

The malware, dubbed MacStealer, was discovered by Uptycs, a threat research firm. It hoovers up a wide array of your personal data, including the iCloud Keychain password database, credit card data, cryptocurrency wallet credentials, browser cookies, documents, and more. That means there’s a lot that could be at risk if it gains a foothold on your Mac.

Read more