Cybersecurity researchers from Dr. Web have found half a dozen mobile apps lurking in Google’s Play Store, that are actually distributing inforstealers, adware, and other forms of malware via Android apps that between them have more than two million downloads.
The researchers have found five malicious apps, including PIP Pic Camera Photo Editor, a malicious app with more than a million downloads, pretending to be image-editing software. In reality, it steals people’s Facebook credentials.
Other malicious apps include Wild & Exotic Animal Wallpaper, an adware app that replaces its name to SIM Tool Kit, as soon as it’s downloaded (500,000 downloads), ZodiHoroscope - Fortune Finder, another Facebook credential-stealing app (500,000 downloads), PIP Camera 2022, pretending to be a camera effects app (Facebook infostealer with 50,000 downloads), and Magnifier Flashlight, adware with 10,000 downloads.
Sneaking into legitimate stores
At press time, these apps were still available for download on the Play Store, and judging by the reviews posted on the app repository, people aren’t happy, as apps are quite obviously fraudulent.
Besides these five apps, the researchers found four more which are no longer available to the general public, including a racing game, an app that offers the recovery of deleted photos, a fake state compensation app for the Russian-speaking community, and an app that promises free access to Only Fans.
While these may have been removed from the Play Store, people that have downloaded them in the past are still at risk, until they remove them from their endpoints, using antivirus software, or other malware-removing solutions.
Security pros were always vocal how people should only download apps from verified sources, but the App Store, or the Play Store, are not immune to cyberattacks. Users should always stay vigilant with their devices, keeping them updated, having an antivirus solution installed, and monitoring incoming and outgoing traffic with firewalls.
Via: BleepingComputer
