Although official app stores are the safest way to find and download new software on your smartphone, they are not without flaws. The Google Play Store has safeguards in place to weed out malicious apps, but occasionally some manage to sneak past undetected. Thirty five such applications have just been discovered hidden on the Play Store: if you have downloaded any on your Android device, delete them now.
Cybersecurity technology company Bitdefender released a report on Wednesday, August 17, identifying a new batch of 35 malicious apps on the Play Store. These apps are aggressive in their deception—they trick users into downloading them, each pretending to be an app that the average android user might like to use. However, once the user installs the app, it changes its name and app icon to remain hidden on the device.
Many switch the icon to the one associated with Settings and make themselves an alias for the real Settings app. When you open the fake app, it finally opens the real settings making you believe that it is a legit settings app. These apps will also hide from recent apps lists, making them even harder to spot during routine use.
The purpose of these apps is to serve you an obnoxious amount of advertisements: apart from annoying you, these ads generate revenue for the developers of the malicious apps. Worse still, the developers run these ads from their own framework, which bypasses the protections usually implemented by Android. This allows developers to link to malware via these ads, which increases the danger.
Bitdefender discovers these types of applications using real-time behavioral technology that identifies applications using practices known to be associated with counterfeit or malicious software.
Below is the full list of applications discovered in the report, compiled by Tom’s Guide. If you have downloaded any of these apps on your device, remove it immediately. Of course, apps may have changed names and app icons, which means you’ll need to be diligent in your investigations: look for any apps, such as utility or settings apps, that you know that you didn’t have on your device before.
- Wall Lights – Wallpaper Pack: 100K+
- Large Emoji – Keyboard: 100K+
- Graduate wallpapers – 3D decorations: 100K+
- Engine Wallpapers – Live and 3D: 100K+
- Wallpapers – 4K & HD: 100K+
- EffectMania – Photo Editor: 100K+
- Art Filter – Deep Photo Effect: 100K+
- Fast Emoji Keyboard: 100K+
- Create a sticker for Whatsapp: 100K+
- Math Solver – Camera Wizard: 100K+
- Photopix Effects – Art Filter: 100K+
- Led Theme – Colorful Keyboard: 100K+
- Keyboard – Funny Emoji, Sticker: 50K+
- Smart Wi-Fi: 10K+
- My GPS location: 10K+
- Image distortion camera: 100K
- Art Girls Wallpaper HD: 100K+
- Cat Simulator: 50K+
- Smart QR Creator: 10K+
- Colorize an old photo: 500+
- GPS locator: 100K
- Girls Art Wallpaper: 10K+
- Smart QR Reader: 50K+
- GPS location maps: 100K
- Volume control: 50K+
- secret horoscope: 10K+
- Smart GPS location: 10K+
- Animated Sticker Master: 100K
- Personality charging show: 100K
- Sleep sounds: 100K
- QR Creator: 10K+
- Multimedia volume slider: 10K+
- Secret Astrology: 10K+
- Colorize photos: 10K+
- Phi Wallpaper 4K – Anime HD: 50K+
How to Avoid Downloading Malware Infected Apps
Malicious apps are deceptive and sneaky, and certainly don’t pose as malicious in the Play Store. However, they often give themselves in different ways. If you keep an eye out for red flags, you can avoid downloading any on your Android device.
If an app has a lot of installs but little to no reviews, avoid it. Bitdefender discovered that an app like GPS Location Maps, with over 100,000 downloads, had zero Comments. On the other hand, if there are any criticisms, study them carefully. If most of them seem badly written, wrong, or even written on another app, that’s a bad sign.
Take note of the permissions an app asks you for. It makes sense for a GPS app to ask for your location, but not your camera and microphone, for example. Also, be on the lookout for apps asking for special permissions. Most apps you download have no reason to ask for accessibility permissions, indicating that some software is trying to do some shady things in the background.
Although the Play Store hosts the most hidden malware-infected apps, it’s not just Android that has to deal with this problem. Researchers have recently discovered a few malicious applications on the iOS and macOS App Stores, a reminder that Apple and Android fans should be vigilant with every app download.