Check your phone! More bad apps caught hiding in the Google Play Store

March 21, 2022

By Kim Komando

The official Google Play Store is the only place you should download applications for your Android devices. Third-party stores don’t have a robust vetting process and often harbor dangerous malware. But what happens when the official app store is also a source for spreading malware?

Inadvertently becoming infected with malicious applications is a real threat. Google has security checks in place, but cybercriminals have become more crafty in circumventing detection.

Read on to see what security researchers discovered and how you can keep your Android devices free from malware.

Here’s the backstory

In theory, Google’s Play Store for Android applications should be devoid of security threats, trojans and malware. That’s because every app in the store goes through a vetting process, and Google denies applications that don’t conform to its rules.

But criminals have found a way around the vetting process. For example, recently, an antivirus app called Antivirus, Super Cleaner hid the malicious SharkBot malware. A QR code app was also caught hiding the banking trojan TeaBot.

An investigation by Dr. Web found the Google Play Store is plagued with malware and trojans. The analysis showed a few WhatsApp clones that were used to spread malware. These apps have been downloaded by many.

Going by GBWhatsApp, OBWhatsApp or WhatsApp Plus, they accounted for almost 25% of all infections tracked by the company. In Dr. Web’s January 2022 review of virus activity on mobile devices. It also notes that many malicious apps come from the Android.FakeApp family.

Apps that were compromised in the Google Play Store include:

• GBWhatsApp – Designed to steal notification content like one-time PINs, two-factor authentication codes, or login details.
• Adorn Photo Pro – A trojan that targets confidential information such as Facebook and Instagram credentials.
• Up Your Mobile, Morph Faces and Top Navigator – Trojans from the Android.Subscription family. Their purpose is to subscribe victims to paid mobile services.
• Chain Reaction – This app claims to help you invest in certain companies without you having to do anything. However, the fake app didn’t invest any money but instead siphoned funds to scammers.

What you can do about it

While you should always download applications only through the Google Play Store, you still need to make sure they are legitimate. Cybercriminals are tricky and will find ways to outsmart the vetting process for a little while.

But Google will eventually find the culprits and remove them. Many of the malicious apps in Dr. Web’s investigation have already been removed from the Google Play Store.

Here are more ways to protect against malware:

• Read the reviews and comments before you download or install an app. If the rating is bad, steer clear of it. Android users will be quick to give it a bad review or leave a comment if it is a scam.
• Before completing the installation process, carefully read the app’s permissions. Ensure that it doesn’t access any personal information or override your mobile phone’s actions.
• After installing a new app, keep an eye on your battery level. If it drains faster than expected, the newly installed app could be handling unwanted processes in the background.
• Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

This dangerous malware can steal 2FA codes to break into your accounts

Watch out for this malware that can hijack your email threads