According to the research firm, which used a new real-time behavioral technology to determine the possibly malicious apps, said that these apps lure victims into installing them on false pretexts, only to change their name and icon after installation. Once they conceal their identity, they aggressively start flooding the victim’s device with advertisements. These ads help cybercriminals steal victims’ money without leaving any trace by directing them to malicious sites or links that drop additional malware on the targeted devices. “One of the ways cyber-criminals monetize their presence on Google Play is to serve ads to their victims. While this may sound diminutive, these ads served to victims are disrupting the usage experience and can link directly to malware,” wrote Bitdefender in a blog post. While many legitimate apps also offer ads to their users and are titled as ‘ad supported’, these ones display ads through their own framework, which means they can also serve other types of malware to their victims. Users can choose to delete the application if they don’t like it; however, the developers take extra steps to make it more difficult to find them on the affected devices by concealing their presence. “While all of the detected apps are clearly malicious, the developers were able to upload them to the Google Play Store, offer them to users, and even push updates that made the apps better at hiding on devices,” added BitDefender. The researchers took ‘GPS Location Maps’, one of the most popular apps on the Google Play Store, with 100k downloads as an example. Upon installation, the researchers noticed that the app immediately changed its label from ‘GPS Location Maps’ to ‘Settings’ and then showed additional websites in WebViews and an advertisement. The ‘GPS Locations Maps’ app also changed its icon, which makes it difficult for users to find and uninstall it. The researchers also noted that on some devices, a few malicious apps even request permission to bypass the battery optimization feature and start foreground services notifications to stay alive and not get killed by the system while eating up the battery. Many of the detected apps also request permission to display over other apps, which means that they are likely also simulating user clicks to rake on profits. Below is a list of the 35 Android malicious applications that have download counts ranging from 10,000 to 100,000, totaling over two million downloads. If you have any of the above-mentioned apps installed on your device, it is recommended that you locate and remove them from your device immediately. Further, you can follow the below-mentioned tips to keep yourself safe:
Ensure you are running the latest version of Android on your device. Check reviews and ratings before downloading any app from Google Play Store. For instance, be careful of apps with a large number of downloads and few or negative reviews, as they could be malicious. Uninstall apps from your device that is no longer required. Be wary of apps that ask for more permissions than it needs, as they might be up to no good. Only download apps from trusted sources such as Google Play Store. Always run a security solution in the background that can identify malicious behavior. Install a reputable security app from the Play Store to add an extra layer of protection to your device.
