Google has removed 13 games from the Google Play Store after ESET security researcher Lukas Stefanko discovered that the apps were actually installing malware on Android devices. In a tweet he posted over the weekend, Stefanko revealed details about these apps (via Tech Crunch). The 13 had been installed more than 580,000 times, and two of them were trending.
Those installing the apps thought that they were loading car and truck driving games. Instead, the apps crashed every time they were opened. While it isn't clear what evil acts the malware is designed to do, it does launch every time that the host device boots up. The malware has "full access" to a phone or tablet's network traffic, allowing it to steal personal secrets from an Android device.
The games all listed the same developer, Luiz O Pinto, and Stefanko was able to trace the domain that spread the malware to a developer in Istanbul named Mert Ozek. The latter doesn't appear to be responding to requests for comments.
Last year, Google removed 700,000 malicious apps from the Google Play Store. While that sounds good, it would be even better if Google could devise a way to keep malicious apps out of the Play Store in the first place. Until that happens, Android users will probably need to be more suspicious of apps offered from unknown developers.