Malicious Android apps downloaded 3 million times pretend to be the Chrome browser when installed
Last week, Google announced that it was teaming up with mobile security firms ESET, Lookout, and Zimperium to create the App Defense Alliance. The alliance hadn't been announced when 49 new adware apps were first listed in the Google Play Store portraying themselves as games and stylized camera apps. Discovered by Trend Micro, these 49 apps have been downloaded over 3 million times.
The adware, like many of the other malware-laden listings we've recently written about, hide their icons making them almost impossible to uninstall. And they serve up full-length ads on the victim's phone creating a stream of revenue for the bad actor(s) involved. The only way to close an ad is to press the back button or the home button. The adware shortcut is disguised as the Chrome browser and even uses the same icon. When the icon is tapped on, it creates multiple shortcuts on the home page that show a full-page ad when selected. Some of these apps opened full-page ads as soon as the phone was unlocked while others showed the ads once the screen was tapped on (from any location). All of these ads will quickly drain the battery on a phone and hog memory resources. And even if a phone is running low on memory, it will continue to ruin the ads since they are shown in the foreground. Deleting the shortcut icons will not from the home screen will not delete the app. The only way to remove the app is to go into the phone's settings, open the applications section, find the app and delete it.
When it comes to the well being of your phone, we don't mind repeating ourselves; the best defense you have to protect yourself from downloading one of these malicious apps is to read the comments section before you install any title from a developer that you've never heard of. For example, here is a comment from one of the 49 apps that are the topic of this article: "Don't install this game!!! It's horrible. There are ads everywhere. Even when you are not using the app or you close it! That's the worst app ever. It doesn't appear in my phone but in Play Store says installed...DON'T DOWNLOAD THIS GAME." Now take into consideration that almost every comment for this app has something similar to say. That should be enough of a warning to have you running swiftly away from this app, or any app that has such a comments section.
Hopefully, the App Defense Alliance will be able to stay one step ahead of the bad actors who have been coming up with more and more ways to trick Android users into installing malicious apps. Late last month, we told you about a virtual keyboard app called ai.type that was sending text messages in the background once installed on a victim's phone. These messages were signing up the unsuspecting phone owner for premium games and other services at expensive rates that eventually appeared on his or her monthly invoice.
Last month we told you about a strain of malware that has the ability to reinstall itself even after a factory reset. Talk about a house guest that you can't get rid of! The hackers are constantly evolving their malware making it imperative that Google and its partners get ahead of them.