The number of malicious Android apps that make it to the Google Play store continues to grow at an alarming rate. Sophos has issued a new report regarding 15 apps on Google Play that are abusive and designed to do nothing but serve ads to smartphone users. On top of spamming users with ads on their mobile devices, they hide their app icons in the launcher to make it hard for users to find and remove the apps.
Sophos says that some of the apps take things a bit further and disguise themselves in the Phone app settings page. In total, these apps have been installed on more than 1.3 million devices globally. One of the apps that Sophos has discovered goes so far as to launch the first time and seemingly crash with a message that says, "This app is incompatible with your device!"
After the faux crash, the app opens the Play Store page for Google Maps to try and trick users into assuming Google Maps caused the crash. Nine out of the 15 apps in this batch used deceptive application icons and names, most of them appearing to chose names that might appear to the user as system apps. Other apps in the bunch use a library called koolib to install a service that hides icons after a predetermined time from the installation of the app.
Most of the apps were in the Play Store as a utility app, QR code reader, image editor, backup utility, phone finder, and an app to scrub the phone of private data. This is far from the first batch of apps discovered playing nefarious games with Android users' devices. Earlier this month, a bigger bunch of 172 malicious apps were discovered on Google Play that had amassed over 300 million installs. The apps Sophos has called out are below: