Skip to main content

Google Play Store junks malicious beauty camera Android apps that stole pictures

Google took down a total of 29 malicious apps for Android that were advertised on the Google Play Store as beauty camera applications, but carried out activities such as stealing the user’s pictures.

The apps were discovered by cybersecurity firm Trend Micro, which said that some of them have already been downloaded millions of times. A large number of the downloads were from users in Asia, particularly in India. In total, the 29 malicious Android apps were downloaded over 4 million times before they were removed from the Google Play Store, with three of them accounting for over 3 million downloads.

Trend Micro said that after downloading one of the malicious apps, users will not suspect anything wrong until they try to delete it. One example is a package that will hide the app’s icon to make it more difficult to uninstall it. The apps also used compression archives, also known as packers, to make them hard to analyze. There was also no indication that the apps were the ones behind the issues that users suddenly experienced.

Some of the malicious apps load full-screen advertisements for fraudulent or pornographic content each time the Android device is unlocked. Others will forward users to phishing websites that will try to steal sensitive information. Some of the attempts to steal contact details of users were disguised as pages for claiming prizes. Trend Micro also discovered that an adult video player, advertised by the apps, did not play any content after it was purchased.

One of the more alarming activities of the malicious Android apps was requesting for users to upload pictures to “beautify” them. The images were uploaded to a private server, and instead of a filtered photo, the app displayed a message that said an update was required. Trend Micro believes that the pictures were stolen, and used for purposes such as making fake social media accounts.

This is far from the first time that security problems were discovered in Android apps. Last year, there were apps that tracked children’s personal data, secretly recorded the smartphone’s screen, and attempted to phish cryptocurrency logins. As always, users can help protect themselves and their sensitive information from malicious apps by only downloading Google Play Store apps made by trusted developers and publishers.

Editors' Recommendations

Aaron Mamiit
Aaron received a NES and a copy of Super Mario Bros. for Christmas when he was 4 years old, and he has been fascinated with…
App developers get relief from Google tax in one of Android’s biggest markets
Tinder on the GooglePlay App Store.

Just over a week ago, Google was fined approximately $113 million in India for forcing its in-house billing system on developers making Android apps. While the fine was hefty in and of itself, the laundry list orders issued by the Competition Commission of India were the real concern for Google.

The company has now complied with the most controversial directive by removing the mandatory Google Play billing policy for in-app purchases made in India. In an official update, the company notes that it is “pausing enforcement of the requirement for developers to use Google Play's billing system for the purchase of digital goods and services for transactions.”
Why does it matter?

Read more
Google’s Android monopoly finds its biggest challenge, and Apple might be next
Apps screen on the Google Pixel 7.

The Competition Commission of India slapped Google with two hefty fines over anti-competitive strategies that have allowed it to dominate the mobile ecosystem in India. Totaling over $250 million, the penalties reprimand Google for forcing smartphone makers to avoid Android forks, prefer Google’s web search service, and pre-install popular cash cows like YouTube on phones.

Google was also disciplined for forcing its own billing system on developers that allowed the giant to take up to a 30% share of all in-app purchases for applications listed on the app store. Google is not really a stranger to titanic penalties; The EU handed Google a record-breaking fine of approximately $5 billion in 2018 for abusing its dominant market position — a penalty that was upheld in September this year following Google’s appeal.

Read more
Google overhauls its Family Link app for easier parental controls
Google Family Link app.

Google's Family Link app has been a great resource for parents looking to keep an eye on what their children are up to with their devices. Now, it's getting even better thanks to an app overhaul that puts the focus on safety and communication. While the Google Family Link app has previously been praised for its solid parental control settings, the redesign adds plenty of new features that make it easier than ever for parents to monitor smart device usage while keeping children informed about the parental control settings in place.

In addition to a design update that sorts the app into three main tabs (Highlights, Controls, and Location), there's also a laundry list of new features coming to Family Link. Since safety is a huge part of what makes the app appealing, features such as notification alerts when a device arrives at a specific destination (like school or a friend's house) and the ability to see an individual device's battery life are new additions that give parents peace of mind when their kids leave the house.

Read more