A security firm has discovered fifteen risky apps on the Google Play Store. These harmful apps that have gone a stage further—literally “hiding their app icons in the launcher… or disguising themselves in the phone’s App settings page.” Shockingly, these apps have been downloaded by users more than 1.3 million times collectively. Many of these apps were published in the Google Play Store as recently as July. These dodgy apps seem like utility apps, but they are the adware that automatically generates large and intrusive ads onto our device.
According to a report by the firm SophosLabs, after installation, these malicious adware apps don’t even show up as icons in the launcher, which makes it very challenging for users to identify, detect, and delete them. Initially, it was reported that some of these apps showed a misleading error with the message saying that the app is not compatible with the device when the user tries to launch them. On the other hand, the app runs in the background and generates frequent, large intrusive ads. These apps hide their app icons in the launcher to make it difficult for the user to find and remove them.
“If history is any indication,” Sophos warns, “there are likely many more waiting to be found.”
In brief, these malicious apps trick users into installing them to perform a trivial service. The app disappears from view, but it is running, disguised under a system name, making it impossible to detect and stop without effort. If these apps aren’t visible, then they won’t elicit the user’s concerns, and consequently, they become more challenging to delete without making an effort to detect them. That is the theory. But now those apps have been exposed. Users are urged to root these apps out, stop them, and delete them completely.
Let’s be clear, free apps that deliver ads in their unpaid versions might be irritating, but they’re not necessarily fraudulent. But here we are talking about apps designed to deliver ads—it’s their sole purpose. It is the direct opposite of free apps; the ads are the focus, and the app itself a wraparound.
Nine out of fifteen apps deliberately used icons and names to set out to fool people into thinking they were system applications required for their Android device. These apps include image editors, QR code scanners, and a phone finder.
“The app icon is still visible in the phone’s ‘gear’ Settings menu, under Apps,” Sophos explained.
Here are the fifteen apps exposed by Sophos.
These malicious apps have been removed from the Google Play Store. But, 1.3 million users already have them on their phone running in the background without their knowledge. We strongly advise everyone to carefully sift through your child’s Android devices and remove any of these applications at once. The mere presence of these applications can have potential security and privacy leaks that parents would want to avoid at all costs.
Here is the full list of packages to look out for:
|App||Package Name||Installs||Published Date|
|Flash On Calls & Messages||free.calls.messages||1,000,000+||Jan 2019|
|Read QR Code||com.a.bluescanner||10,000+||May 2019|
|Imagine Magic||com.bb.image.editor||10,000+||May 2019|
|Generate Elves||com.cc.image.editor||100,000+||June 2019|
|QR Artifact||com.doo.keeping||1,000+||May 2019|
|Find Your Phone: Whistle||com.e.orangeredscanner||10,000+||July 2019|
|Scavenger — speed guard||com.hz.audio||10,000+||June 2019|
|Auto Cut Out Pro||cos.mos.comprehensive||10,000+||April 2019|
|Background Cut Out||com.garbege.background.cutout||10,000+||July 2019|
|Photo Background||com.hanroom.cutbackground||50,000+||July 2019|
|Image Processing||com.jiajia.autocut.photo||100,000+||July 2019|
|Background Cut Out New||com.jiakebull.picture.background||50,000+||July 2019|
|Auto Cut Out||com.fruit.autocut.photo||10,000+||July 2019|
|Auto Cut Out 2019||com.huankuai.autocut.picture||10,000+||July 2019|
Andrew Brandt, a principal researcher at Sophos, warns that “while these apps have been removed from the Google Play Store, there may be others we haven’t yet discovered that do the same thing.”
He also explained that if the user suspect wants to check against the published list, tap Settings >> Apps & Notifications. At the top of this page, there will be a list of most recently opened apps. If you observe any app using the generic Android icon (which looks like a little greenish-blue Android silhouette) and have generic-sounding names, for instance Back Up, Update, Time Zone Service, tap the generic icon and then click “Force Stop” followed by “Uninstall.” One thing to notice here is that if these are real system apps, they won’t offer an “Uninstall” option; in fact, they will have a “Disable” option.
Lastly, the typical advice is applicable here. Try to avoid trivial utility apps just because they seem beneficial and free – they are free for a reason. Even if the downside is simply unwanted ads, the fact is such dodgy apps can be riskier than that. Also, you can save yourself by checking customer reviews before installing an app from an unknown developer. Given how much personal information we carry on our smartphones, don’t leave the backdoor open to anyone with a free install.