Android Malware Downloaded 1.5 Million Times By Users Booted From Google Play Store
Malware has been a common problem within the Google Play Store, and two apps that have run a malicious adware scheme have been the latest to get the boot. The apps have been raking in the cash for their authors, but have consequently been putting the people who have downloaded them through living hell.
The first of the app is called Sun Pro Beauty Camera, and it amassed over 1 million downloads since it first appeared on the Play Store. The second app, Funny Sweet Beauty Camera, which was created by the same developer, garnered in excess of 500,000 downloads. Not only would the apps display intrusive ads that were hard or nearly impossible to close out (even when the apps in question were not open), but the adware would also drain users' batteries and in some cases even brick devices (which would result in the affected user unfortunately needing to buy a replacement device).
According to the researchers at Wandera, who are credited with discovering these reckless apps, SunPro Beauty Camera first showed up on the Play Store in 2017, while Funny Sweet Beauty Camera first showed up this past July.
Among the permissions that the apps requested upon installation were to record audio, activate automatically upon booting the device into the Android environment, and take advantage of the system alert window to allow for content overlays over currently running apps.
And the developers also took an extra step to ensure that their nefarious deeds weren't uncovered. "The APKs of both apps are packed with a Chinese packer, Ijiami. Packers are often used to protect the APK from being unwrapped and analyzed," writes the Wandera team. "This functionality is usually used by gaming apps to prevent other developers from copying them, so it isn’t a clear indicator of ill intent."
Luckily, both apps have since been removed from the Play Store by Google, but if you for some reason installed either of these apps, now might be a good to uninstall them lest you end up with a bricked device like other unfortunate souls.