Well-encrypted malware was found in the official Google Play store directory that appropriated content and tried to obtain confidential user data. Virus components were hidden in applications for editing and processing photos, which were especially common in Asia, although in USA such utilities with beauty filters are gaining more and more popularity.
Often, solutions offered by third-party developers are distinguished by a large set of functions and a convenient interface. For this reason, virus programs, especially for Android smartphones, can spread in huge numbers. Cyber security researchers at Trend Micro have found at least several dozen fake photo apps with beauty components on Google Play. The programs saved private photos of users, and then sent them to third-party servers. Fraudsters, in turn, selected the necessary personnel for sale or use for illegal purposes.
Discovered and then removed, nearly three dozen fake photo editors on Google Play were engaged in stealing personal images and displaying full-screen advertising banners when unlocking a smartphone. Often, programs were used as bait to obtain personal information about the user. Experts estimate that 29 "bad" Android apps have been downloaded over 4.3 million times.
From the moment of installation, the user may not immediately determine that the operation of the application does not coincide with its declared description. Often, along with it, malware files that cannot be detected initially enter the smartphone. Virus software usually has a shortcut invisible to the system, so it is difficult to identify and remove.
Such applications masked their malicious components well. For this, some programs used compression archives to become invisible to antiviruses. Other utilities used strong encryption when transmitting information to servers and hid their presence in the general list of applications to avoid deleting the shortcut to the trash. The malware also acted as an intermediate link for redirecting to a phishing page, where they tried to get the user's address, phone number and other personal information. Instead of processing the photos, the malware stole the images and sent them a fake link in return. At the same time, many applications have gained considerable popularity and a significant mass of positive reviews. The number of downloads of fake programs all over the world reaches millions of values.
The Topic of Article: Google Play was cleaned of three dozen viral apps.