Android users, uninstall these apps now!
These apps have been downloaded more than 700,000 times and they are targeting users in Southwest Asia and the Arabian Peninsula.
Google Play Store is a popular target among fraudsters who are trying to infect users’ devices with malware to gain access to their private information. Reports in the past have detailed how scamsters have used clever means to hide malicious code in apps. Now, a new report details eight new Android apps that are riddled with data-stealing malware.
According to a report by cyber-security company McAfee, eight new fraudulent apps have made their way to the Google Play Store. These apps have been downloaded more than 700,000 times and they are targeting users in Southwest Asia and the Arabian Peninsula.
The list includes:
Google has a thorough process in place to ensure that malicious apps don’t sneak in the Play Store. These apps bypassed these checks by posing as photo editors, wallpapers, puzzles, keyboard skins, and other camera-related apps. The report says that these fraudulent apps made their way into the store by submitting a clean version of the app for review and then introducing the malicious code via updates to the app later.
The malware embedded in these fraudulent apps hijacks SMS message notifications and then makes unauthorised purchases. The report also says that the malware also steals other details such as carrier, phone number, SMS message, IP address, country, network status along with auto-renewing subscriptions.
“...it’s important to pay attention to apps that request SMS-related permissions and Notification Listener permissions. Simply put, legitimate photo and wallpaper apps simply won’t ask for those because they’re not necessary for such apps to run. If a request seems suspicious, don’t allow it,” McAfee wrote in its blog post.
The company has contacted Google and it is now working to get these malicious apps taken off the Play Store.