According to Trend Micro, these apps had large number of downloads in India and redirected users to phishing websites as well as collected their pictures.
#TimeSmartsNow with super power-efficient #HONORMagicWatch2
A timepiece so advanced yet personal, the #HONORMagicWatch2 has style, substance and a superb battery life of 2 weeks! Sale starts on 18th Jan
Click here to know more
Google has removed 29 ‘Beauty Camera’ apps that used to collect the data, especially pictures, of the users who them installed on their phones. While some of these apps used to send pornographic content to users, others redirected them to phishing websites. Japanese IT security company Trend Micro says that some of these apps have millions of downloads, and a large number of the downloads originated from Asia - particularly India.
“We discovered several beauty camera apps (detected as AndroidOS_BadCamera.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes. A user downloading one of these apps will not immediately suspect that there is anything amiss, until they decide to delete the app,” Trend Micro said in a blogpost. The top three apps: Pro Camera Beauty, Cartoon Art Photo, and Emoji Camera, each got over a million downloads.
For example, package com.beauty.camera.project.cloud created a shortcut after being launched. However, it used to hide its icon from the application list, making it more difficult for users to uninstall the app since it was not available for a drag and delete it. Furthermore, the camera apps were found to be using packers to prevent them from being analysed. Trend Micro has also shared a code snippet to show how the malicious app hid itself from the applications list.
A number of these apps were also found to be pushing several full screen ads when users unlocked their devices, including malicious ads (such as fraudulent content and pornography) that will pop up via the user’s browser. “During our analysis, we found a paid online pornography player (detected as AndroidOS_PornPlayer.UHRXA) that was downloaded when clicking the pop up,” Trend Micro claimed.
Since these malicious apps looked as legitimate as possible, users found it difficult to determine where the malicious content was coming from. Some of these apps redirect to phishing websites that ask for personal information such as addresses and phone numbers. Some of the apps seemingly allowed users to “beautify” their pictures by uploading them to the designated server.
Trend Micro found that when a user uploads an image into edit in the app, instead of getting a final result with the edited photo, the user gets a picture with a fake update prompt in nine different languages. The authors can collect these photos uploaded in the app, and possibly use them for malicious purposes — for example as fake profile pictures on social media. Reportedly, these ‘beautify’ apps can also hide themselves like the ones mentioned above.
Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.
We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.