Four malicious apps were identified on the Google Play Store.
The Malwarebytes Lab first highlighted the apps infected by hidden ads trojan.
The developer Mobile apps Group has generated around 1 million downloads.
Earlier last month, Facebook warned its users about 400 malicious apps listed on the Google Play Store that stole user login information and details. After a month, the Malwarebytes Lab has highlighted four apps infected by hidden ads trojan. In addition, the lab identified that all these apps belonged to the same developer named Mobile Apps Group.
Even if an app looks completely fine, itmay compromise your information or harm your device. We have often seen individual or batch of apps marked malicious on the Google Play Storeand this new batch was uncovered on last Tuesday.. However, Play Store has not taken down the apps yet and are still active on Google’s app store. All four apps recognized were hidden with ads Trojan, and the developer has managed to reach over 1 million downloads in total.
Malwarebytes Labs analyst Nathan Collier notes that this developer has previously spread malware on Google Play. He states that it’s unclear if Google caught Mobile Apps Group but noted that some versions of the popular Bluetooth Auto Connect app have been clean in the past. That suggests the developer’s modus operandi is to upload a clean app version before loading it up with malware.
Here are the four apps that you should get rid of if they’re on your device:
- Bluetooth Auto Connect
- Bluetooth App Sender
- Driver: Bluetooth, Wi-Fi, USB
- Mobile transfer: smart switch
According to Malwarebytes, the apps did not reveal any malicious behavior within 72 hours after download. However, after that period, these apps open phishing sites in Chrome. Some of those sites are relatively harmless and generate revenue if the user clicks on the ads. However, other sites are dangerous, attempting to trick users by displaying a message that their device is infected or needs an update.
In his blog post, Collier added more details about the malware apps: “The Chrome tabs open in the background even when the device is locked. When the user unlocks their mobile, Chrome opens with the recent site. A new site opens with a new tab regularly, and as a result, when users unlock their phone after a few hours they could end up closing multiple tabs. The user’s browser history will also be a long list of malicious phishing sites. This is especially concerning because Mobile apps Group has uploaded clean versions of these apps in the past. In other words, they aren’t always malicious, and that’s apparently enough to keep them on Google Play. But again, all four of these apps are freely available on the Play store at the time of writing, so clearly, the system isn’t working.”
We highly recommend to unintsll these apps if you have them installed on your phone.
For more technology news, product reviews, sci-tech features and updates, keep reading Digit.in.
Follow Us
Shivam Tiwari
Shivam has been reporting technology-related stories for Digit. He is demonstrating his skill sets in the news sector. View Full Profile
