Cybersecurity researcher and anti-malware firm Dr.Web recently warned Android users about a list of 30 Android apps with malicious trojans that are currently still available in the Google Play Store.
According to Dr.Web, the strains of malware and adware were tracked since May 2022, and have continued to evolve up till today.
These malicious programs feature a combination of evasive techniques to avoid detection and are capable of disguising themselves with different names and app icons inside the app drawer of Android mobile handsets.
The wares proceed to subscribe users to unwanted paid services without the user’s knowledge, steal personal data, and hack Facebook accounts.
The list of 30 apps that contained the family of malware and adware are hosted on Dr.Web’s website, which we’ve also reproduced below:
- Photo Editor: Beauty Filter (gb.artfilter.tenvarnist)
- Photo Editor: Retouch & Cutout (de.nineergysh.quickarttwo)
- Photo Editor: Art Filters (gb.painnt.moonlightingnine)
- Photo Editor - Design Maker (gb.twentynine.redaktoridea)
- Photo Editor & Background Eraser (de.photoground.twentysixshot)
- Photo & Exif Editor (de.xnano.photoexifeditornine)
- Photo Editor - Filters Effects (de.hitopgop.sixtyeightgx)
- Photo Filters & Effects (de.sixtyonecollice.cameraroll)
- Photo Editor: Blur Image (de.instgang.fiftyggfife)
- Photo Editor: Cut, Paste (de.fiftyninecamera.rollredactor)
- Emoji Keyboard: Stickers & GIF (gb.crazykey.sevenboard)
- Neon Theme Keyboard (com.neonthemekeyboard.app)
- Neon Theme - Android Keyboard (com.androidneonkeyboard.app)
- Cashe Cleaner (com.cachecleanereasytool.app)
- Fancy Charging (com.fancyanimatedbattery.app)
- FastCleaner: Cashe Cleaner (com.fastcleanercashecleaner.app)
- Call Skins - Caller Themes (com.rockskinthemes.app)
- Funny Caller (com.funnycallercustomtheme.app)
- CallMe Phone Themes (com.callercallwallpaper.app)
- InCall: Contact Background (com.mycallcustomcallscrean.app)
- MyCall - Call Personalization (com.mycallcallpersonalization.app)
- Caller Theme (com.caller.theme.slow)
- Caller Theme (com.callertheme.firstref)
- Funny Wallpapers - Live Screen (com.funnywallpapaerslive.app)
- 4K Wallpapers Auto Changer (de.andromo.ssfiftylivesixcc)
- NewScrean: 4D Wallpapers (com.newscrean4dwallpapers.app)
- Stock Wallpapers & Backgrounds (de.stockeighty.onewallpapers)
- Notes - reminders and lists (com.notesreminderslists.app)
According to BleepingComputer, these apps have a combined userbase download of nearly 10 million, with three of these apps still available inside the Google Play Store.
Google has already been notified of these vulnerabilities in its app store.
To better protect yourself from app-based malware and adware, we’ve put together a list of cybersecurity advice from various brands we’ve come across in recent months:
- Kaspersky recommends checking the permissions of apps that you use and thinking carefully before approving apps with high-risk permissions. An example given is how a flashlight app would not likely require voice or camera permissions.
- McAfee recommends using multi-factor authentication tools to add another layer of security to your sensitive data.
- NordVPN, as previously shared here, recommends spending time proactively researching ways to stay safe on the devices and services you use.