Hundreds of malicious Android apps with 60 million downloads found spamming Android users with ads and stealing credentials
These bad apps infiltrated the Play Store and bypassed Android 13’s security protections

You can never be too careful when downloading new apps to one of the best Android phones. Case in point: Bitdefender has discovered hundreds of malicious apps on the Google Play Store that were used in a massive ad fraud campaign.
While that QR code scanner, wallpaper app or simple game might look harmless at first glance, these types of apps are often used in campaigns like this one. Sure, the app may look and function properly, but behind the scenes it can put your data and privacy at risk or (in this case) spam your device with full-screen ads.
In a new blog post, Bitdefender explains that its IAS Threat Lab initially uncovered part of this new campaign when it discovered more than 180 malicious apps. However, there are at least 331 bad apps in total, and together they’ve been downloaded over 60 million times right from Android’s official app store.
Here’s everything you need to know about this new campaign, what these malicious apps are capable of and some tips and tricks on how you can stay safe from bad apps found on the Google Play Store and elsewhere.
Avoid these apps at all costs
As of now, the majority of the malicious apps used in this campaign have been pulled from the Play Store. However, in an email to Tom’s Guide, a Bitdefender spokesperson provided the list of malicious apps below that have yet to be taken down at the time of writing:
- ShapeUp - 100k
- Beautiful Day - 5k
- Destiny Book - 10k
- Dropo - 10k
- Handset Locator - 50k
- Body Scale - 500k
- Cache Sweep TEL: Clean - 100k
- Five in a Row - 100k
- Massm BMI - 500k
- Water Note - 50k
You should avoid downloading any of these apps in the meantime. If you have any of the other 300+ malicious apps installed on your Android devices, you’re going to have to find and delete them manually.
You can find the full list of URLs associated with them and their package names here or at the bottom of Bitdefender’s blog post, though you will have to do some guesswork to figure out their exact names.
If you have Google Play Protect enabled, the built-in security software that ships with most Android phones will warn you if you have one of these apps installed.
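An added example (not from Tom's Guide or Bitdefender) for the manual check described above: because these apps can hide their launcher icons, the package listing from `adb shell pm list packages` is a more reliable inventory than the app drawer. The script matches such a listing against a package-name blocklist; every package name and the sample data below are constructed placeholders, not entries from Bitdefender's list.

```shell
#!/bin/sh
# Added example: flag installed Android packages that appear on a blocklist.
# Real use (assumes adb is installed and USB debugging is enabled):
#   adb shell pm list packages > pm.txt
#   find_flagged pm.txt blocklist.txt      # then: adb uninstall <package>
LC_ALL=C; export LC_ALL   # same collation for sort and comm

# Turn `pm list packages` output into sorted package names.
# adb output may carry CRLF line endings, so strip carriage returns first.
installed_from_pm() {
    tr -d '\r' | sed -n 's/^package://p' | sort -u
}

# Normalize a blocklist: drop comments, trim whitespace, skip blank lines.
clean_blocklist() {
    sed -e 's/#.*$//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' | sort -u
}

# find_flagged PM_OUTPUT_FILE BLOCKLIST_FILE
# Prints every package that is both installed and on the blocklist.
find_flagged() {
    inst=$(mktemp) && bl=$(mktemp) || return 2
    installed_from_pm < "$1" > "$inst"
    clean_blocklist < "$2" > "$bl"
    comm -12 "$inst" "$bl"
    rm -f "$inst" "$bl"
}

# Constructed sample data so the example runs offline.
sample_dir=$(mktemp -d)
printf 'package:com.android.chrome\r\npackage:com.example.qrscan.placeholder\r\npackage:com.example.notes\r\n' \
    > "$sample_dir/pm.txt"
cat > "$sample_dir/blocklist.txt" <<'EOF'
# placeholder entries, one package name per line
com.example.qrscan.placeholder
com.example.wallpaper.placeholder   # on the list but not installed
EOF

find_flagged "$sample_dir/pm.txt" "$sample_dir/blocklist.txt"
```
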
Bypassing Android security
According to Bitdefender’s research, most of the malicious apps in question first became active on the Play Store during the third quarter of last year. However, upon further investigation, the cybersecurity firm’s researchers discovered that some were uploaded earlier than that but did not contain any malicious components at the time.
It’s worth noting that this is still an active campaign, with the latest batch of bad apps uploaded at the start of this month. These apps include Dropo and Handset Locator, both of which are still up on the Play Store at the time of writing, though they’ll likely be taken down soon.
What makes this latest collection of malicious apps so dangerous is that they were able to bypass the security protections built into Android 13. For instance, they can start without any user interaction whatsoever even though this technically isn’t possible in that version of Android.
The cybercriminals behind this campaign have also figured out how to hide the icons of these apps in the operating system’s launcher, something that is restricted in newer versions of Android.
Once installed on a vulnerable Android phone, these malicious apps show out-of-context ads over other applications in the foreground. Surprisingly, they’re able to do this without requesting any unnecessary permissions that would allow this behavior.
Besides spamming ads, some of these bad apps can also launch phishing attacks which are designed to persuade potential victims to willingly hand over their passwords or worse, their credit card information. Meanwhile, others point users towards phishing sites designed to do the exact same thing.
How to stay safe from malicious apps
Even if you’re extra careful online and only stick to official app stores, you could end up downloading a malicious app accidentally like the millions of people caught up in the campaign described above.
This is why I highly recommend limiting the number of apps on your phone overall. If you have fewer apps installed, you’re less likely to install a bad one or, as we’ve seen in the past, to be caught off guard when a good app goes bad.
Before installing a new app, you should ask yourself if you really need it first. Can another app you already use or even an online tool help you accomplish the exact same thing? If you do go ahead with installing a new app, you want to take a close look at its ratings and reviews as Android users are quite vocal in their reviews when an app carries out suspicious or even malicious activities in the background. Since ratings and reviews can be faked though, it’s always a good idea to look for an external review or better yet, a video review so you can see the app in question in action before installing it.
While your phone likely shipped with Google’s built-in Play Protect security software, you may also want to run one of the best Android antivirus apps alongside it. These paid antivirus apps are updated more frequently and can sometimes catch things that Google Play Protect might miss.
Malicious apps are one of the easiest ways for attackers to gain access to the sensitive personal and financial information stored on your smartphone. However, if you’re very selective about which apps you install and keep the ones you do install regularly updated, you’ll be less likely to fall for this kind of attack.
Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.

















