Beware Of These Sinister Android Apps Laced With Malware In Google's Play Store

Android doll looking angry and holding a baseball bat
There are millions of Android apps in Google Play, and while there are safeguards in place to keep malicious ones from sneaking in, a few bad apples inevitably creep through the door. When that happens, millions of devices can end up infected. A recent security report called attention to a handful of them that have amassed over 2 million downloads.

The security folks at Dr. Web this week posted a security report detailing virus activity on mobile devices for the month of May 2022. On the bright side, the researchers noted a 13.48 percent decline in the Android.Spy.4498 trojan, which steams information from notifications. However, it's still the most prominent Android threat, and it's not the only one.

"Over the month, Doctor Web’s virus laboratory tracked new malware being spread through the Google Play app catalog. Among them were Android.Subscription trojans that subscribe victims to paid mobile services, fraudulent Android.FakeApp apps, Android.HiddenAds adware trojans, and Android.PWS.Facebook password-stealing malware targeting Facebook users," the report states.

In scanning Google Play for threats, the researchers say they found a "large number" of infected apps last month. Some of the ones listed in the report have since been removed, but several remain. Additionally, in some cases it appears as though the offending app may have been re-uploaded under a different developer name, but it's not clear if those are infected.

Driving Real Race Android app
According to Dr. Web, this app loaded sites that would subscribe victims to paid mobile services

Here are the apps...
  • Wild & Exotic Animal Wallpaper (Kelomo Apps): Trojan that displays ads and tries to hide itself by changing its icon.
  • Magnifier Flashlight (Milo Nader): Hides its icon from the apps list on the home screen menu and displays video and banner ads.
  • PIP Pic Camera Photo Editor (savoy): Hijacks Facebook credentials.
  • PIP Camera 2022 (savoy): Hijacks Facebook credentials.
  • Camera Photo Editor (savoy): Hijacks Facebook credentials.
  • Light Exposure Photo Editor (Dancma): Hijacks Facebook credentials.
  • ZodiHoroscope - Fortune Finder (Sarawaer): Hijacks Facebook credentials.
  • Recovery (DyreevVadimApp):Subscribes victims to paid mobile services.
  • Driving Real Race (yuriivasin555): Subscribes victims to paid mobile services.
  • Компенсация НДС (randal): Loads fraudulent websites designed to steal personal info and money.
  • Only Fans App OnlyFans Android (OnlyFans Z): Tricks users into completing various tasks.
A couple of the apps outlined in the security report racked up half a million downloads each. If you come across any of these apps on Google Play, run in the other direction.