Posted ByTechViewFour malicious apps that are now available in Google Play, the official Android app store, are sending users to websites that either steal personal data or bring in “pay-per-click” cash for the developers.
Some of these websites encourage users to download phone security updates or tools in an effort to lure them into manually downloading dangerous files.
The apps have more than a million installs as of the time of publication and are still available on Google Play through a developer account called Mobile apps Group.
The same developer was previously exposed twice for distributing adware on Google Play, but after submitting cleaned-up versions, it was permitted to continue releasing apps, according to a Malwarebytes report.
This time, there were four dangerous apps discovered.
More than 1,000,000 people have downloaded Bluetooth Auto Connect.
Over 50,000 installations of the Bluetooth app sender
Bluetooth, Wi-Fi, and USB driver with more than 10,000 installations
Smart switch for mobile devices has more than 1,000 installations.
On Google Play, the apps don’t have many positive reviews, and many users have complained about the intrusive ads that launch by themselves in new browser tabs.
Intriguingly, the developer reacts to some of these remarks and offers to assist in fixing the ad issues.
Mobile applications Group has been contacted by Bleeping Computer for comment regarding the findings of the Malwarebytes researchers, but we have not yet received a response.
A 72-hour delay
Malwarebytes discovered that the Mobile applications Group program launches additional tabs with related material every two hours after a 72-hour delay before displaying the first advertisement or opening a phishing link in the web browser.
New browser tabs are opened even when the device is locked, according to the researchers, so when users go back to their phones later, they discover a number of phishing and advertisement sites open.
By utilizing fictitious log descriptors like “bbaksh,” the developer attempted to disguise logs for the operations taken, according to analysis of the Manifest file.
Although this technique defeats automatic code scanners, it made it simpler for the researchers to identify the actions.
Installing programs from unofficial Android stores should be avoided to prevent adware from entering your smartphone. Finding out if the gadget is running questionable software also involves reading user evaluations, keeping an eye on battery life, and tracking network data activities. Another great technique to keep the device secure is to keep Google Play Protect turned on.
It is advised to uninstall any of the aforementioned apps from your Android device and do a full system scan using Play Protect or a dependable mobile antivirus program.
Inquiries regarding the background of the developer and their current apps have also been sent to Google by Bleeping Computer. As soon as we hear back, we’ll update this article.