Check your phone! Dozens of malicious apps caught spying

Check your phone! Dozens of malicious apps caught spying
© David Herraez | Dreamstime.com

It’s honestly a miracle that people continue to download apps from the Google Play store at this point. Whether they’re harvesting your data covertly or signing you up for services you don’t need, Android apps loaded with malware are all too common.

Once Google is aware of the problem, they delete the dangerous apps for good, but that doesn’t help the people who were affected in the meantime. Tap or click here to see the mess the last batch of malicious apps created.

Another group of malicious apps has been discovered by security researchers. These apps were part of a multi-year-long campaign that may involve several high-profile government targets. If you got caught in the crossfire, your data may be in the hands.

Keep reading to see the apps you need to check your phone for right now.

Casualties of cyberwarfare

In conventional war, innocent civilians who get caught in the middle are said to be “collateral damage” or “casualties of war.” But what happens when ordinary people get mixed up in digital attacks during a cyberwar?

According to new reports from Kaspersky Labs, this exact scenario may have been happening through a number of malicious apps hiding in plain sight on the Google Play store.

These apps, now deleted by Google, installed a backdoor trojan called PhantomLance, which is capable of stealing data like call logs, contacts, GPS coordinates, SMS messages and device data. The information was covertly sent to a server somewhere else in the world, leaving the victim none the wiser.

The apps in question are apparently connected to OceanLotus, a hacking group linked to attacks on the Vietnamese and Chinese governments. At least 20% of the code from these apps matches older cyberattacks from this group on government targets, which indicates this wave may be part of a much larger campaign.

Kaspersky researchers found evidence these apps have been quietly harvesting data for about four years now, which would line up with the OceanLotus timeline as well.

And to think that we assumed cyberwarfare wouldn’t intrude on the lives of ordinary civilians. This line of attack just scratches the surface of what high-profile hacks are capable of. Tap or click to see Russia’s previous cyberthreats on our power grid.

What apps do I need to delete from my phone?

The good news is these apps have been removed from the Google Play store. The bad news is there aren’t too many ways to see the exact apps in question.

Fortunately, Kaspersky was able to confirm at least a handful of them. If you have any of the following apps on your device, delete them immediately:

  • BrowserTurbo
  • OpenGL
  • AdsSkipper
  • PrayerBook
  • Beer Address
  • BiFin Ball
  • BrowserCleaner
  • FFont

Many of these malicious apps are still floating around on third-party app stores like APKPure, which don’t have the same level of moderation as Google Play. In other words, absolutely none.

Any apps you may have downloaded from a third-party app store really should be deleted immediately. For extra peace of mind, you may even want to go through your collection of apps and delete anything you’re not frequently using.

Apps are what make our phones so flexible, but they can also be hijacked by hackers and cybercriminals to be used against us. To stay safe, try to only download applications from trusted sources. All it takes is one bad app to spoil a whole bunch of phones.

Tags: Android, cyberattacks, cybercriminals, cyberwarfare, Google Play Store, Kaspersky Labs, malware, security