Revealed: The 25 malicious Android apps you don't want on your mobile

The apps disappear off the home screen after being downloaded.
The apps disappear off the home screen after being downloaded. Photo credit: Getty

More than two dozen apps containing malware have been found in the Google Play Store for Android devices.

The malware causes full-screen ads to pop up on your device at random times, and tracing the app responsible can be almost impossible.

Most of the suspicious apps were "masquerading" as photo utility or fashion apps, and had been downloaded more than 2.1 million times, according to cybersecurity and software company Symantec.

"These 25 malicious hidden apps share a similar code structure and app content, leading Symantec to believe that the developers may be part of the same organisational group or, at the very least, are using the same source code base," software engineers May Ying Tee and Martin Zhang wrote in a blog post.

The company said it reported the apps to Google on September 2, and the apps have since been removed from the store. 

Revealed: The 25 malicious Android apps you don't want on your mobile
Photo credit: Symantec

However, because the apps contain software that makes them disappear off the home screen "users can easily forget they downloaded them", meaning finding the annoying apps can be tricky.

The company said that when first installed the app is visible and usable just like any other app. However, at some point a request is made in the background via a third-party service to download a remote configuration file. 

"We intercepted the configuration file and spotted several different configurations including one that can toggle the app's icon-hiding behaviour, as well as other advertising-related settings," the company said.

Once the configuration file was downloaded it was extracted by the malware.

After the app's icon became hidden, the malware caused advertising to be displayed, showing up even when the app was not being used. Some of these ads were displayed full-screen and at random times, making it impossible for users to know which app was causing them to show up. 

"Monetary gain from advertising revenue is likely the motivating factor behind these apps," Symantec said.

In order to protect their mobile devices from malware, users were urged to keep their software up to date, only install apps from trusted sources and pay attention to permissions requested by apps.

It's not the first time malicious apps have been found in the online store.

Earlier this year around 50 apps were found on Google Play containing malware. And just last month, tens of millions of Android users were urged to delete the 'CamScanner' app for similar reasons. The app was later updated to remove the suspicious software.

The full list of malicious apps

App name - Developer

Octopus - Kulomylong

Auto Blur Photo - Burnerfock

Blur Image Pro - Fisher Dev

Picture Photo - Kennith Ortiz

Face Feature - Fater Dev

Fashion Hairstyles Pic Editor - Goveroy Dev

Image Blur Editor Free - Setperal

Bowhead - Kensendy

Photo Cut Pro - WWL Dev

Yasuo Art - Magicalla Studio

Fashion Hairstyles pic Editor 2019 - Digtal Dev

Latest Hairstyles Free - Lyynforture

Positive Photo Collage - Lyynforture

Cut Photo Editor - Superjunia

Blur Image Plus - Past Dev

Autocut Photo - OOI Dev

Cut Background - Richard Media Studio

Hairstyles Photo Editor Plus - FFmore Dev

Amazing Photo Cutout - Sistermopub

Photoloop - Sistermagci

Pop Color - Pumana Dev

Sky Camera Pro - HCamera Studio

Photo Background - Flydog Dev

Blur Image Plus - Past Dev

Photo Blur Background Maker 2019 - Goulmook Dev

Users are encouraged to regularly review the apps they have on their phone and delete those which they don't use.

Newshub.

 

Contact Newshub with your story tips:
news@newshub.co.nz