Google has removed over two dozen malicious Android apps from the Play Store that were collectively downloaded millions of times. The apps, which went to great lengths to appear legitimate, sent users pornographic content, redirected them to phishing websites, and collected photos under the guise of applying filters to them.
The three most downloaded of the bunch were camera apps: Pro Camera Beauty, Cartoon Art Photo, and Emoji Camera. Each one notched over 1 million downloads. Several others were downloaded hundreds of thousands of times, such as Artistic Effect Filter, which racked up over half a million downloads.
"These apps seemingly allow users to 'beautify' their pictures by uploading them to the designated server. However, instead of getting a final result with the edited photo, the user gets a picture with a fake update prompt in nine different languages. The authors can collect the photos uploaded in the app, and possibly use them for malicious purposes—for example as fake profile pics in social media," Trend Micro explained in a blog post.
Fake profiles are rampant on social media sites, and this is one way that malicious actors are able to collect large batches of photos to make those profiles appear real. However, that was not the only intent of these apps.
Some of the apps also pushed out full-screen ads, including malicious ones containing fraudulent and pornographic content, to users as soon as they unlocked their handsets. These would load in the user's browser and not the apps themselves, so it was not obvious that an app was the culprit. Some of them also redirected users to phishing sites that asked for personal information, including addresses and phone numbers.
Many of the apps took "great pains to look as legitimate as possible" and were difficult to uninstall. That's because they would hide their icons from the application list. So, how can users prevent this sort of thing? Other than only downloading popular apps that are known to be legitimate, Trend Micro advises reading through the user reviews to look for any mentions of suspicious behavior.
Unfortunately, this is an ongoing problem. Back in December, Google pulled 22 malicious apps from the Play Store that had been downloaded over 2 million times. Stay diligent, folks.