Security researchers have discovered several Android apps that contain malware. It is still available on the Google Play Store, and has been downloaded over two million times. Distrust.
Dr. Web’s team of security researchers discovered several infected Android apps last month, some of which are still available for download from the Google Play Store. These apps have been downloaded more than two million times, and are infected with several types of malware.
Thus Dr. Webb identified several applications containing malware used to display highly intrusive ads, as well as Trojans that aim to steal login credentials of Facebook users.
Here is a list of the offending apps:
- Wild and exotic animal wallpapersIt has been downloaded over a million times. The application changes its icon to try to be invisible to the user and even changes its name to SIM Tool Kit. The app asks the user for permission to exit the list of apps disabled by battery saver. Then it takes care of displaying ads on the device screen even if you haven’t used the app for a long time.
- magnifier flashlightAnother ad trojan, which periodically displays video ads as well as banners, is hidden. Like the previous app, it tries to go unnoticed by hiding its icon from the list of installed apps as well as from the home screen.
- PIP Pic Camera Photo Editor, a photo editor that has been downloaded more than a million times, carries a Trojan with the purpose of stealing Facebook login credentials. Obviously, the app is still available on the Play Store
- PIP Camera 2022A camera app that has been downloaded more than 50,000 times and includes a virus that is once again responsible for stealing Facebook login credentials. The app, again, is still available for download.
- Camera Photo Editor and others Light Exposure Photo Editor, two photo editing apps, malware has been installed again with the aim of stealing Facebook login credentials. It appears that both apps have been removed from the Play Store.
- ZodiHoroscope – Wealth Findera horoscope app that has been downloaded more than 500,000 times, and is still available on the Google Play Store, also installs a virus capable of stealing your Facebook credentials.
These rogue apps, on the pretext of allowing you to unlock additional features, require you to connect to your Facebook account. They take advantage of this to send your login credentials and passwords to the hackers who developed them.
Security researchers at Dr. Web also has new malware hidden in many applications that aims to get you to sign up for a paid subscription to mobile services. These Trojans are hidden in several applications:
- Recoverya data recovery app, has now been removed from the Play Store.
- Real racing drivingCar racing game has been removed from Play Store
- VAT compensationan application aimed at the Russian public and made it possible to search for information about social assistance in the country.
The hackers also created a fake OnlyFans app called “Only Fans App OnlyFans Android” which was supposed to allow users free access to paid OnlyFans profiles as well as private ones.
Users are actually invited to answer a survey and perform actions such as downloading certain apps in exchange for this popular free access. In fact, they did not get anything at all because it was the hackers who reaped the rewards from the affiliate services used in this scam.
If you have downloaded one or more of the above-mentioned applications or think you have downloaded them, do not wait and uninstall them as soon as possible from your Android smartphone.