Official app stores are without a doubt the best place to download software for your phone, particularly when it comes to security. For Android phone owners, that place is typically the Google Play Store, but every once in a while malicious apps manage to break through the wall despite all the precautions and safety measures.
Figuring out which app is not safe can be difficult though, as the developers that make the malicious ones implement tricky tactics to fool you before and after you tap on the download button. For that reason, we have compiled all of the latest reports containing information about flagged malicious apps on the Google Play Store in chronological order, starting with the most recent one.
Keep in mind that even if an app is removed from Google’s Play Store, that doesn’t mean it will disappear from your phone if you have already downloaded it beforehand. What’s more, many of these apps pop up on the Play Store under a slightly different name after being taken down. Others are of the FakeApp family, which try to trick into "buying" something or investing in something. And then there are the apps from the Joker family, which try to get you to sign up for some kind of paid subscription.
Thankfully, all of these have now been removed from the Play Store, but here they are in case you have already downloaded them:
HiddenAds
FakeApp
Joker
Agent Shooter
Rainbow Stretch
Rubber Punch 3D
Super Skibydi Killer
Cowboy's Frontier (Precipice Game Studios)
Enchanted Elixir (Acomadyi)
Eternal Maze (Yana Pospyelova)
Fire Fruits (Sandr Sevill)
Jungle Jewels (Vaibhav Wable)
Stellar Secrets (Pepperstocks)
Beauty Wallpaper HD (fm0989184)
Love Emoji Messenger (Korsinka Vimoipan)
Recommended Stories
Reports on dangerous Android apps
Doctor Web discovers new virus activity on mobile devices (October 26, 2023)
Doctor Web is an IT security provider, which recently discovered several new malicious applications in the Google Play Store. Combined together, the downloads of these apps amounted to more than 2 million.
Some of these apps are HiddenAds malware disguised as mobile games. However, once downloaded they try to hide themselves by adopting the same icon as the Google Play Store or by straight up becoming invisible.
InfoSec's SentinelLabs is a space where threat researchers can gather data together and expose malware, exploits, and cybercrime in general. One of their latest findings revealed three separate applications that disguise themselves as the YouTube app, two of which have the exact same name as the original version and one called Piya Sharma after a famous anchor of the same name.
The ones responsible for the malware, dubbed CapraRAT, is a group going by the name Transparent Tribe (APT36). Thankfully, the malicious apps cannot be found in the official Google store. Instead, they are spread via social media and fake landing pages.
The scariest part is that they ask for permission to access your camera, microphone, location, SMS, and more of the sort. Such level of access creates the perfect opportunity for info theft, and even though it is thought CapraRAT is intended to affect mainly government officials and for espionage, any regular person can still be affected by it.
The best way to avoid this would be to stick to using the official YouTube application or website. The version that these fake apps and landing pages take you to is generally more stripped down compared to the original one.
Cybersecurity firm CloudSEK research (June 1, 2023)
The Cybersecurity firm CloudSEK carried out research via their own proprietary software and discovered apps that contain or had previously contained malware. A total of 193 apps were found, with 43 of them still active on the Google Play Store at the time. These apps have the ability to obtain server addresses, as well as personal data and files.
CloudSEK states that the number of users affected by these apps amounts to approximately 30 million, and that most of these apps are casual games that are easily forgotten after being installed and played a little. The researchers advise users to regularly scan their phones via an antivirus software to catch such malicious apps before they get the chance to do damage.
Top 10 infected apps based on number of installs:
Bitcoin Master (+ 1 million downloads)
Crazy Magic Ball (+1 million downloads)
Happy 2048 (+1 million downloads)
HexaPop Link 2248 (+5 million downloads)
Jelly Connect (+1 million downloads)
Macaron Boom (+1 million downloads)
Macaron Match (+1 million downloads)
Mega Win Slots (+500,000 downloads)
Tiler Master (+1 million downloads)
Full list:
2048 Lucky Cube
2248 Linked
Bank Bingo Slots
Be Big Bang
Big Bang Popstar – Pongs Puzzle
Bingo Club-lucky to Win
Bingo County: Amazing 2022
Bingo Day: Lucky to Win
Bingo Magic Zoo: 2022 Journey
Bingo Slots
Bird Linked
Birds Merge
Bitcoin 2moon
Bitcoin Fall
Bitcoin Master
Bitcoin Master -mine Bitcoins!
Bitcoinconnect
Blackjack 21: Cash Poker
Block Big Bang
Block Crush
Block Master – Brain Games
Block Puzzle
Boom Match
Btc Linked
Bubble Shooter Hero
Bubble Spinner
Buzzvideo-earn Money App
Cake Master: Cream Legend
Calculator Lock – Photos Vault
Candy Kaboom
Candy Pop Star
Candy Winner
Cash All – Earn Real Money
Cash Game: Money Puppy
Cash Master
Cash Storm Slots: Real Moneychatmate
Casual Gain
Cat Party
Chain Block 3d
Chain One Line
Channel3
Chip Win to 21: Merge Game
Chip Winner
Chip Winner 2048
Circus Coin Pusher
Classic Diamond Slots: Cash
Clipclaps – Reward Your Interest
Coin Defend
Cookie Crush
Cookie Macaron
Cookie Smash
Crazy Bomb
Crazy Cash Dozer
Crazy Christmas Tree
Crazy Cut Money
Crazy Cut Money
Crazy Fruit Crush
Crazy Magic Ball
Crazy Pop Tree
Crazy Zumba Fruit
Cube 2048
Cube Master 3d
Cute Liner
Cute Macaron Zumba
Desert Tree: Cash Grow Game
Dessert Crush
Dessert Match Kitchen
Diamond Miner: Surprises
Dominoes – Royal Master
Dongbao
Dreamlike Candy:sweet Merge
Dropping Balls
Earn Money: Squid Game
Farm Blast – Match Game
Fast Booster Box
Fast Loans Plus
Food Merger
Food to Pop
Foodie Tiler
Forest Puzzle
Fruit Bubble Smash
Fruit Cutting Killer
Fruit Spin Blast
Fruits Legend: Farm Frenzy
Fun Block Puzzle Game 2022
Funny Block
Funny Hex Merge
Funny Hoop
Funny Macaron
Gem Puzzle
Gem Smash
Go Break
Go Jump
Grand Win Solitaire
Happy 2048
Happy Farm Slots-harvest & Win
Happy Fruit
Happy Merge Bang
Hello Vpn-fast & Secure
Hex Jigsaw Puzzle
Hexa Link – 2248 Connect Puzzle
Hexapop Link 2248
Holic Macaron
Holiday 2048
Hotbuku-alat Pembaca Novel Professional Dan Populer
Idle Dinosaurs
Isecurity – Virus Cleaner
Jelly Connect
Jewels Crush Fever – Match 3 Jewel Blast
Joy Match 3d
Kitty Blast: Lucky Pet 2022!
Knifemaster
Lucky Aquarium
Lucky Cashman-real Money&paid
Lucky Coin Pusher -3d
Lucky Crush
Lucky Cube
Lucky Cube Blast
Lucky Dog Videos
Lucky Eggs – Win Big Rewards
Lucky Slots: Real Money & Spin
Lucky Star: Lotto Scratch
Lucky Tile Match:triple Crush
Lucky Woody Match-block Blast
Lucky for Happy
Luckyyou
Ludo Magic
Macaron Boom
Macaron Bubble
Macaron Mac
Magic Balls
Magical Pet:pop Match
Make Money – Game Time
Many Money
Master Tiler
Maya Merge – 2248 Hexa Puzzle
Mega Jackpot Slot: Cash Winner
Mega Lightning Slots
Mega Win Slots
Merge Crazy Ball
Merge Hexagon Jewel – Match 3
Merge Lucky Puppies
Merge Snack-overfood
Metaverse Merge
Money Tree Garden
Monster Link- Match Blast
Mood to Pop
Mystery Miner Tycoon
Mystery Solitaire Tycoon
Na
Neutral Solitaire
Nice Poplink 2248
Pet Connect – Cute Pets Match
Pixel Battle
Pop Diamonds
Pop Pop Balls
Pop Stone 2 – Match 3 Game
Puppy Fruit Slice
Quick Loans Pro
Random Dice
Real Money Slots & Spin to Win
Real Money:play Games Earn
Relx Cash
Royal Knight Slice
Says Master: Jump Jump
Shake Shake Sheep
Slot Club
Slot Pop!
Smash King
Smashmaster
Solitaire Legend
Solitaire Mega : Win Big
Squid Gem
Step Going
Street Football Star
Street Soccer Game
Superfastvpn-unlimitedvpn
Superjump
Sweet Fruit Smash
Tappycoins
Tropical Fruit Blast
Tunai Instant
Uangnyata: Hasilkan & Permainan
Vastvpn – Secure Vpn Proxy
Vegas Bingo
Vegas Cash Casino
Vegas Coin Pusher
Winning Slot : Mystic Pharaoh
Woohoo – Real Cash Games
Word Games:big Win
Yeloli Princess Makeup
Yeloli Princess Makeup
Ztime: earn Cash Rewards Easily
GitHub list with SpinOk malware apps (May 29, 2023)
A list of 101 apps containing a SpinOk module with spyware features was shared in GitHub, a platform where developers store and manage their code.
The SpinOk module is presented as a marketing SDK. It collects information from the files on your phone and can then send that data back to the source. It can also gather sensor data from your phone’s sensors to avoid detection by security researchers, which makes it especially dangerous.
As you might notice from looking at the list below, most of the applications are either some kind of game or contain a “prize-winning” system. That is the disguise these apps use to trick users into downloading and engaging them afterward.
The apps listed below are reported to have been installed over 421,000,000 times when the list was uploaded to the website, so the chances are not that slim that one is living in your phone’s app drawer.
After downloading the app and it gets access to your notifications, it sends out a confirmation code. The malware then runs on your phone, contacting the source it came from and providing information about your location and mobile carrier.
Once the information is acquired, the hackers send a paid subscription page that the trojan opens via an invisible browser to sign the user up for a paid subscription using the confirmation code mentioned above. This whole process is completely hidden and the user never finds out about it while using the downloaded app.
Full list:
Beauty Camera Plus
Beauty Photo Camera
Beauty Slimming Photo Editor
Fingertip Graffiti
GIF Camera Editor
HD 4K Wallpaper
Impressionism Pro Camera
Microclip Video Editor
Night Mode Camera Pro
Photo Camera Editor
Photo Effect Editor
MalwareFox list of known Android Malware Apps (March 16, 2023)
MalwareFox is a company that makes anti-malware software programs, and in March it detailed a list of the latest Android viruses plaguing the Google Play Store. In their report, they talk about each virus and what it does to compromise security.
List of viruses and the top 25 apps some of them were found in:
Aleksandar is a tech enthusiast with a broad range of interests, from smartphones to space exploration. His curiosity extends to hands-on DIY experiments with his gadgets, and he enjoys switching between different brands to experience the latest innovations. Prior to joining PhoneArena, Aleksandar worked on the Google Art Project, digitizing valuable artworks and gaining diverse perspectives on technology. When he's not immersed in tech, Aleksandar is an outdoorsman who enjoys mountain hikes, wildlife photography, and nature conservation. His interests also extend to martial arts, running, and snowboarding, reflecting his dynamic approach to life and technology.
Recommended Stories
Loading Comments...
COMMENT
All comments need to comply with our
Community Guidelines
Phonearena comments rules
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: