Malware Hits Millions of Android Users:
The Top 5 Apps You Need to Uninstall Right Now
There’s nothing scarier than malware. When it comes to Android apps, users always have to look for possible threats. However, things are not as simple as they may seem. Researchers at Check Point discovered a new strain of malware called a, “false positive,” that targets users through Google Play by uploading malicious apps under user-friendly names.
This is how it works:
The malware tricks you into installing a seemingly harmless app onto your phone. But once you install it, the app will download other malicious apps and start reading your sensitive data without your permission or knowledge. You might be wondering about which apps are putting you at risk, but don’t worry, we have you covered.
Here’s a brief list of the top 5 offenders, which you need to uninstall immediately if you haven’t done so yet.
So, What Happened?
Another group of seemingly innocent Android apps that are meant to spread malware to endpoints and charge unsuspecting users for services has been discovered by researchers.
The Dr. Web antivirus team found the most recent batch, including wallpaper programs, keyboards, picture editors, video editors, and an occasional cache cleaner or system maintenance app. They have altogether received more than 10 million downloads overall.
After escaping Google’s stringent security measures, twenty-eight apps in total were discovered in the Google Play Store. You can see the complete list of infected android apps here.
Android Apps Hacked
Regarding the damages, the method is mainly unchanged.
Once the malware or “app,” is downloaded, most applications will try to hide, appearing as regular system apps in the app drawer. They do this with the hope that people won’t uninstall them. Then, to generate more revenue, the applications constantly push advertisements and try to sign the victim up for various premium services.
If users hadn’t granted the necessary permissions to the apps, none of this would have been possible. Even though the apps have a straightforward design and do what they claim to, they frequently request advanced permissions from users, such as the right to be exempt from battery-saving features, to run in the background even after the user closes the app, which is a big warning sign in and of itself.
Three of the apps are still available on the Play Store, though most have already been removed. Even if all of the apps were removed, they have still been downloaded millions of times. Thus, they will continue to pose a threat until they are completely deleted from the smartphones of all victims.
Below is a short list of the 5 malicious apps researchers have found that you should remove immediately:
FastCleaner: Cache Cleaner
Before Google discovered the true intentions of the app, Fast Cleaner had amassed over 50,000 installs. Using a time-tested technique, a brand-new banking trojan was introduced into the Android handsets of unsuspecting users across the country designed to steal login information as well as to intercept text messages and notifications without anybody noticing anything strange.
ES File Explorer
The most well-known file explorer app was probably ES File Explorer. That’s because five years ago, it was actually a really good app.
So, why is bad? Bloatware and adware were prevalent within the free edition, and users were constantly nagged to download more apps via pop-up notifications that you couldn’t turn off. However, things worsened when the once-popular app was removed from the Play Store for engaging in click fraud through its advertisements.
For those unaware, click fraud is the practice of secretly clicking background advertisements on consumers’ devices.
You can still download dozens more imitators from the Play Store in addition to the ES File Explorer APK nowadays. However, the program should not be used in any of its iterations.
Virus Cleaner – Antivirus Free and Phone Cleaner by Super Cleaner Studio, an app with over 14 million downloads, illustrates everything wrong with the Android ecosystem. It includes many advertisements, many of which are for products and services with a dubious reputation. Additionally, it “claims” to be an efficient security master, phone trash cleaner, WIFI security, super speed booster, battery saver, CPU cooler, and notification cleaner. None of which can at all be accomplished to any real degree by any software install.
Really, you should be ignoring any application that claims to be a “CPU cooler.”
SuperVPN is one of the most popular VPN apps for Android, with over 100 million downloads. But earlier this year, cybersecurity experts alleged that the app has some serious flaws that might let hackers launch Man-in-the-Middle (MitM) attacks and steal user data like credit card numbers, photographs, and private chats.
According to reports, hackers can also take advantage of the flaws to redirect a user’s connection to harmful websites, thus jeopardizing the security and privacy of the user.
Notes – Reminders & Lists
It is recommended not to download this app from its official website as there are concerns regarding its security and safety. It was detected by many anti-virus software systems as malicious. This app may be a scam as it doesn’t seem to work properly and asks for inappropriate permissions. So far, Notes – Reminders & Lists are not available in Google’s Play Store. It can only be downloaded from its official website. Either way, we recommend you staying far away from this app, as it might be a scam and may have malware hidden inside.
It can be challenging to differentiate between trustworthy and malicious apps. The number of pointless permissions an app requests is the one clear sign that should always cause alarm. Does a flashlight app really need access to your location? Does a cleaning app really need access to the camera or microphone?
Richard Luna, CEO of Protected Harbor, stated: “This attack is not a surprise; it should be expected. As more work is performed on mobile devices, those devices, like desktops, will be the main point of attack. Application development platforms must be better hardened to defend against this malware.
What can an end user do? Enable security and Two-Factor Authentication on as many platforms and applications as available on any platform. If you are concerned, use a desktop over a mobile device, desktops have been dealing with this type of attack for decades.”
Nick Solimando, Director of Technology at Protected Harbor, has 3 tips for businesses that operate through a lot of mobile apps:
- Only install mobile apps from providers you trust. Since harmful programs are getting better at hiding in plain sight, downloading from reputable sites is no longer the only recommendation.
- Always check the app store ratings and reviews before downloading. Users should check the reviews because they offer a reliable indication of the apps’ reliability. Additionally, be sure to verify, as threat actors have been known to spoof some of them. It’s better to avoid an app if there are few reviews for it.
- Periodically go through your mobile device and uninstall extra apps you no longer use. This will not only make you safe, but you’ll also ease memory space.
Despite Google’s constant efforts, thousands of risky apps, including malware, adware, spyware, and bloatware, may be found on the Play Store. The ones above have made it onto our list since they are some of the most frequently utilized risky Android apps.
These apps are very common and can be found on every device. However, they have been infected by malware, so they will likely try and more than likely, successfully steal your data. It’s best to uninstall them and proceed with extreme caution if you can. Always keep your device as well as apps up-to-date and avoid using third-party app stores. Android users can stay safe from potential threats by installing and keeping the latest version of their mobile operating system and using security software for mobile devices.
Protected Harbor uses the latest threat detection and prevention technology to keep your network safe and secure. Our devices are also updated regularly, keeping them secure and up to date with the latest security patches. Our software is installed in your systems to monitor suspicious activity – it can be installed on desktops, laptops, or in the cloud.
We secure your endpoints so that you can be assured your network is protected from malware and cyber threats. We protect your network by monitoring critical network assets, preventing unauthorized access to sensitive information, blacklisting malicious software, and providing real-time threat detection and response.
We are giving a free IT Audit and penetration testing for a limited time, contact us today and get one.