Virus analysts have flagged another set of malicious apps hiding adware trojans and the return of notorious malware family Joker, and they have just under 10 million downloads combined. It was only last week when 50 Android apps with Joker malware were discovered, now more are popping up.
In Dr. Web’s June virus activity review, researchers discovered 28 adware trojans built into a selection of otherwise inconspicuous apps, ranging from image-editing software and virtual keyboards to calling apps and wallpaper collection apps. These apps have millions of downloads, which means many Android users are being plagued by ads.
What is adware?
Adware is a way for threat actors to generate revenue by automatically displaying an obnoxious amount of online advertisements on a user’s screen, according to Malwarebytes (opens in new tab). Unlike the ads you may see pop up in apps or browsers, this type of unwanted software disguises itself as a legitimate app to trick users into installing it, leading to a bunch of ads that will ruin your device.
The adware trojans revealed in the report request permission to show windows over other apps or ask users to add them to the exclusion list of the battery-saving feature. What’s more, these trojans hide their icons from the list of installed apps in the home screen menu and replace icons to make them harder to find after a download.
A list of 28 apps with adware trojans show what to avoid on Google Play, with many being photo editors. This list includes Photo Editor: Beauty Filter, Photo Editor & Background Eraser, Emoji Keyboard: Stickers & GIF, Cashe Cleaner, FastCleaner: Cashe Cleaner, MyCall – Call Personalization, 4K Wallpapers Auto Changer, and more.
For a full list of apps to avoid, click here.
Joker malware strikes again
Doctor Web also found Joker malware sneaking its way into three apps. This malicious threat is known to steal your text messages, contact lists, and device information, with the report stating these trojans are “capable of downloading and executing arbitrary code and subscribing victims to paid mobile services without their knowledge.”
With nearly 100,000 downloads combined, cybercriminals may already be at work by duping users into subscribing to services without them knowing.
The three apps with the hidden malware threat include the third-party launcher Poco Launcher, a camera app known as 4K Pro Camera, and a stickers collection app called Heart Emoji Stickers. If any of these apps sound familiar, delete them now. Be sure to keep an eye out for them on the Google Play Store, too.
As with any seemingly simple app, it’s a good idea to use caution before downloading them, even if they have millions of downloads. If these apps ask for unnecessary permissions, then you could be handing over valuable personal information to hackers.
Always look at the review section on apps as well, especially if you see a high number of one-star reviews. Attackers often use fake five-star reviews to promote their malicious apps. To make sure you’re clear of any malware threats, check out our list of best antivirus apps.
