Security researchers have discovered several Android apps that contain malware. Still available on the Google Play Store, they have been downloaded over two million times. Be wary.
Dr. Web’s team of security researchers discovered several infected Android apps last month, some of which are still available for download from the Google Play Store. Downloaded more than two million times, these applications are infected with several types of malware.
Dr. Web has thus identified several applications containing malware used to display very intrusive advertisements, as well as trojans intended to steal the login credentials of Facebook users.
Here is the list of offending apps:
- Wild & Exotic Animal Wallpaper, downloaded more than a million times. The application changes its icon to try to be invisible to the user and even changes its name to SIM Tool Kit. The app asks the user for permission to be excluded from the list of apps restricted by the battery saver. It then displays advertisements on the device screen even if you haven’t used the app for a long time.
- Magnifier Flashlight conceals another advertising trojan that periodically displays video advertisements as well as banners. Like the previous application, it tries to go unnoticed by hiding its icon from the list of installed applications as well as from the home screen.
- PIP Pic Camera Photo Editor, an image editor downloaded more than a million times, carries with it a trojan intended to steal your Facebook login credentials. The application is obviously still available on the Play Store.
- PIP Camera 2022, a camera application downloaded more than 50,000 times and which incorporates a virus responsible again for stealing your Facebook login credentials. The application is, again, still available for download.
- Camera Photo Editor and Light Exposure Photo Editor, two image-editing apps, installed malware again intended to steal your Facebook login credentials. Both of these apps appear to have been removed from the Play Store.
- ZodiHoroscope – Fortune Finder, a horoscope app downloaded over 500,000 times, and still available on the Google Play Store, also installs a virus capable of siphoning off your Facebook credentials.
These rogue applications, under the pretext of allowing you to unlock additional features, ask you to connect to your Facebook account. They take advantage of this to send your connection identifiers and passwords to the hackers who developed them.
Dr. Web’s security researchers have also identified new malware whose objective is to sign you up for paid subscriptions to mobile services. These trojans are hidden in several applications:
- Recovery, a data recovery app, now removed from the Play Store.
- Driving Real Race, a car racing game, removed from the Play Store.
- Компенсация НДС, an application targeting the Russian public and which made it possible to search for information on social assistance in the country.
The hackers also devised a bogus OnlyFans app called “Only Fans App OnlyFans Android” that was supposed to allow users free access to paid OnlyFans profiles as well as private profiles.
Users were actually invited to answer a questionnaire and perform actions such as downloading certain applications in exchange for this famous free access. In reality, they got nothing at all since it was the hackers who reaped the rewards from the affiliate services used for this scam.
If you have or think you have downloaded one or more of the applications mentioned above, do not wait and uninstall them as soon as possible from your Android smartphone.