Cybersecurity researchers have discovered a set of four malicious Android Apps on the Google Play Store secretly hiding malware, and it leads users to phishing websites that trick unsuspecting victims to fork over their private information and generate pay-per-click revenue for hackers.
Reported by security company Malwarebytes, the apps from devleoper Mobile apps Group have amassed over one million downloads and are currently listed on Google Play. Each hides a "Android/Trojan.HiddenAds" line of code, and once downloaded, they delay any malicoious activities for 72 hours in order to evade detection.
Get rid of these four Android apps
The apps spotted with the nasty malware are Bluetooth utility tools that "guarantee a strong and reliable Bluetooth pairing with any device." Hackers often use these apps to hide sneaky malware as they tend to get many downloads.
That apps include Bluetooth Auto Connect (over 1 million downloads), Bluetooth App Sender (over 50,000 downloads), Driver: Bluetooth, Wi-Fi, USB (over 10,000 downloads), and Mobile transfer: smart switch (over 1,000 downloads). If you spot any of these on your Android device, be sure to get rid of them.
According to the report, the apps continues to open phising sites in Google Chrome after the initial delay, even when the device is locked. Once unlocked, a new tab opens with the latest malicoius site, and from then on new tabs frequently open with a new site automatically.
These phising sites range from more harmless tactics to generate revenue via pay-per-click (much like adware) to more nasty websites that trick users and steal their sensitive information. The report also points out an example of a site stating that the user has been infected and needs to update or download suspicious apps.
BleepingComputer has reached out to Google and the malicious app developer but has yet to hear back, meaning its a good idea to keep away from these apps while their on Google Play.
Watch out for suspicous apps
Earlier this week, we saw 3 Android apps stealing banking info via screen recording disguised as legitamate financial services. Hackers often use seemingly helpful utility tools in order to lure unsuspecting victims to install thier apps, which can lead to major cybersecurity threats to your personal life and hard-earned money.
According to the report, older versions of the same apps with different variations of the Android/Trojan.HiddenAds code had been spotted before, but the developer is still deploying apps with the malware on Google Play.
It's always a good idea to watch out for suspicious-looking apps on Google Play, the App Store, and any third-party app store. Just because an app has over a million downloads doesn't mean its trustworthy, and you can often find user reviews are a good way to find out if an app is safe to download.
If random ads start popping up on your device after downloading an app, it;s likely the source is from the app itself.
The best way to get rid of any kind of malware is by downloading one of the best antivirus apps. These cybersecurity programs can scan your device and remove adware, along with preventing future malware downloads and malicious pop-up ads.
You can also clear your browser cache, remove unnecessary extensions, and clear your history to clean up any unwanted adware lingering around. It’s also a good idea to clear your cache on your Android phone and clear your cache on iPhone. Plus, delete any suspicious apps that shouldn’t be there.
