These Android apps are nothing but adware, but have been installed over 2 million times already - so uninstall now

(Image credit: Denny Müller / Unsplash)

Cybersecurity researchers from Dr.Web discovered a handful of Android apps that were pushing ads and stealthily subscribing people to premium services.

The reserachers reported that these trojan apps, all found on Google’s official Play Store app repository, were cumulatively installed roughly two million times.

The apps were pretending to be games, messengers, and wallpaper apps, among others, and were mostly distributing three known malware families - FakeApp, Joker, and HiddenAds.

A million downloads

Upon installing one of these apps, they would immediately change their icon on the device, to something the user would reluctantly remove, such as the Chrome browser. In some cases, the researchers added, the trojans would simply remove their icons altogether, to seem as if there is an empty space in the app drawer.

The apps would then launch in the background, and deliver ads to the victim via their browser. That way, they would generate significant profits for the developers. The ads included things like casino websites, fake investments, and similar - all of which are in violation of Google’s policies.

The biggest trojan that managed to move past Google’s defenses and into the Play Store is Super Skibydi Killer, a game app with a million downloads. Other notable mentions include Agent Shooter (500,000 downloads), Rubber Punch 3D (500,000 downloads), and Rainbow Stretch (50,000 downloads).

There are also apps that subscribe the victim to premium services without their knowledge, including Love Emoji Messenger (Korsinka Vimoipan) with 50,000 downloads, and Beauty Wallpaper HD (fm0989184) with 1,000 downloads.

While Google removed all of the apps from the Play Store before this article was published, that only protects future potential victims. Those that have already downloaded the apps can only be safe if they remove them from their endpoints. If you suspect your device was compromised, besides the abovementioned apps, look for these:

Eternal Maze (Yana Pospyelova)

Jungle Jewels (Vaibhav Wable)

Stellar Secrets (Pepperstocks)

Fire Fruits (Sandr Sevill)

Cowboy's Frontier (Precipice Game Studios)

Enchanted Elixir (Acomadyi)

Via BleepingComputer

More from TechRadar Pro

This dangerous Android malware could steal passwords and other data just by using images
Here's a list of the best firewalls today
These are the best ID theft protection services around

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Over 2 million risky Android apps were blocked from the Play Store last year

This nasty Android malware is posing as the Telegram Premium app

Why is there so much spyware hidden in the Play Store?

A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.

App stores are increasingly becoming a major security worry

BADBOX malware hits 30,000 Android devices - make sure you update now

Latest in Security

Thousands of healthcare records exposed online, including private patient information

Juniper patches security flaws which could have let hackers take over your router

Representational image depecting cybersecurity protection

GitLab has patched a host of worrying security issues

Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.

AI agents can be hijacked to write and send phishing attacks

Volt Typhoon threat group had access to American utility networks for the best part of a year

Abstract image of cyber security in action.

MassJacker malware targets those looking for pirated software

Latest in News

A super close up image of the Google Gemini app in the Play Store

It's official: Google Assistant will be retired for phones this year, with Gemini taking over

Quordle hints and answers for Sunday, March 16 (game #1147)

NYT Strands homescreen on a mobile phone screen, on a light blue background

NYT Strands hints and answers for Sunday, March 16 (game #378)

NYT Connections homescreen on a phone, on a purple background

NYT Connections hints and answers for Sunday, March 16 (game #644)

Apple could launch an iPhone 17 Ultra this year – but we've heard these rumors before

ChatGPT is the ultimate gaming tool - here's 4 ways you can use AI to help with your next playthrough

More about security

Over 90% of Americans demand a "right-to-disconnect" law which would protect them from out-of-hours work communication

"I have nothing to hide" - our readers react to Apple getting secret hearing in appeal against UK government

Diamond set to become mainstream coolant for AI GPU servers as world’s best thermal conductor promises 25% better overclocking, and 'double performance per watt'

See more latest

A million downloads

Are you a pro? Subscribe to our newsletter

More from TechRadar Pro