New Android malware apps installed 10 million times from Google Play
A new batch of malicious Android apps filled with adware and malware was found on the Google Play Store that have been installed close to 10 million times on mobile devices.
The apps pose as image-editing tools, virtual keyboards, system optimizers, wallpaper changers, and more. However, their underlying functionality is to push intrusive ads, subscribe users to premium services, and steal victims’ social media accounts.
Google has removed the vast majority of the presented applications, but at the time of writing this, three applications remain available for download and installation via the Play Store.
Also, if you installed any of these apps before their removal from the Play Store, you will still need to uninstall them from your device manually and run an AV scan to clean any remnants.
The new malicious Android apps
The adware apps discovered by Dr. Web are modifications of existing families that first appeared on the Google Play Store in May 2022.
Upon installation, the apps request permission to overlay windows over any app and can add themselves to the battery saver’s exclusion list so they can continue running in the background when the victim closes the app.
Additionally, they hide their icons from the app drawer or replace them with something resembling a core system component, like “SIM Toolkit”.
Staying safe on the Google Play Store
Android malware will always find a way to creep into the Google Play Store, and sometimes apps can stay there for several months, so you should not blindly trust any app can blindly trust no apps.
Additionally, always ask yourself if the promised functionality is necessary to you, as keeping the number of apps on your phone at a minimum is a reliable way to reduce the chances of malware infections.
Finally, ensure that Play Protect is active on your device and regularly monitor your internet data and battery consumption to identify any suspicious processes that run in the background.
As previously stated, users should also check to see if they have any of the following Android adware apps install on their devices, and if found, manually remove them and scan for viruses.
- Photo Editor: Beauty Filter (gb.artfilter.tenvarnist)
- Photo Editor: Retouch & Cutout (de.nineergysh.quickarttwo)
- Photo Editor: Art Filters (gb.painnt.moonlightingnine)
- Photo Editor – Design Maker (gb.twentynine.redaktoridea)
- Photo Editor & Background Eraser (de.photoground.twentysixshot)
- Photo & Exif Editor (de.xnano.photoexifeditornine)
- Photo Editor – Filters Effects (de.hitopgop.sixtyeightgx)
- Photo Filters & Effects (de.sixtyonecollice.cameraroll)
- Photo Editor : Blur Image (de.instgang.fiftyggfife)
- Photo Editor : Cut, Paste (de.fiftyninecamera.rollredactor)
- Emoji Keyboard: Stickers & GIF (gb.crazykey.sevenboard)
- Neon Theme Keyboard (com.neonthemekeyboard.app)
- Neon Theme – Android Keyboard (com.androidneonkeyboard.app)
- Cashe Cleaner (com.cachecleanereasytool.app)
- Fancy Charging (com.fancyanimatedbattery.app)
- FastCleaner: Cashe Cleaner (com.fastcleanercashecleaner.app)
- Call Skins – Caller Themes (com.rockskinthemes.app)
- Funny Caller (com.funnycallercustomtheme.app)
- CallMe Phone Themes (com.callercallwallpaper.app)
- InCall: Contact Background (com.mycallcustomcallscrean.app)
- MyCall – Call Personalization (com.mycallcallpersonalization.app)
- Caller Theme (com.caller.theme.slow)
- Caller Theme (com.callertheme.firstref)
- Funny Wallpapers – Live Screen (com.funnywallpapaerslive.app)
- 4K Wallpapers Auto Changer (de.andromo.ssfiftylivesixcc)
- NewScrean: 4D Wallpapers (com.newscrean4dwallpapers.app)
- Stock Wallpapers & Backgrounds (de.stockeighty.onewallpapers)
- Notes – reminders and lists (com.notesreminderslists.app)