This Android malware campaign has already raked in two million downloads
According to the new research report, one of the apps is listed with the title “GPS Location Maps” on the Play Store and has over 100k downloads. Unsuspecting users download it hoping it to serve some sort of navigation-related functionality. However, upon installation, the app changes its name to “Settings” and takes up an icon identical to the system Settings app. It then starts showing web pages and aggressive ads, hampering the user experience. Some malware apps request permission to bypass the battery optimization feature after installation. If approved, they can leverage foreground services to stay alive. You cannot kill them when closing all active apps. A few of them even ask for permission to display over other apps. This may enable the threat actors to simulate user clicks and make money through ads, the researchers speculate. Since the apps use fake names and icons, it’s difficult for users to catch them. Of course, if you have two Settings icons on your app drawer, you’d suspect that one may be fake. But the actors behind this malware campaign have already thought of it and equipped the app with a trick to ensure that it doesn’t get caught. When you launch the app, it opens in “0” size in the corner of the screen and launches the system Settings app. This tricks users into thinking that the app isn’t fake. Another trick employed by these apps to avoid detection is by hiding themselves from recent apps. They don’t show up in the list of the recently used apps on your phone. So you can’t catch them by checking all the active apps. As the researchers say (via), the developers of these apps have “added heavy code obfuscation and encryption in order to make reverse engineering difficult”.
Delete these 35 apps immediately
As said earlier, researchers at Bitdefender could identify 35 Android apps as part of this malware campaign. Along with the aforementioned GPS Location Maps, the list also includes the following apps. Google seems to have removed these apps from the Play Store. But with two million installs already, some users may still have them on their phones. Check the list of your installed apps and see if you have any of these. If you do, remove them immediately.
Personality Charging ShowImage Warp CameraAnimated Sticker MasterGPS Location FinderWalls light – Wallpapers PackBig Emoji – KeyboardGrad Wallpapers – 3D BackdropsEngine Wallpapers – Live & 3DStock Wallpapers – 4K & HDEffectMania – Photo EditorArt Filter – Deep PhotoeffectFast Emoji KeyboardCreate Sticker for WhatsappMath Solver – Camera HelperPhotopix Effects – Art FilterLed Theme – Colorful KeyboardKeyboard – Fun Emoji, StickerSmart WifiMy GPS LocationArt Girls Wallpaper HDCat SimulatorSmart QR CreatorColorize Old PhotoGirls Art WallpaperSmart QR ScannerVolume ControlSecret HoroscopeSmart GPS LocationSleep SoundsQR CreatorMedia Volume SliderSecret AstrologyColorize PhotosPhi 4K Wallpaper – Anime HD