Several malicious Google Play Android apps, which have been installed more than 2 million times, hide their presence on infected devices while pushing intrusive ads to users.
In the latest monthly mobile threat report, Doctor Web analysts identified Trojans on Google Play related to the “FakeApp”, “Joker”, and “HiddenAds” malware families.
Of particular interest are the following four adware (HiddenAds) apps disguised as games:
- super skividdy killer – 1,000,000 downloads
- agent shooter – 500,000 downloads
- rainbow stretch – 50,000 downloads
- rubber punch 3d – 500,000 downloads
Dr. Web explains that once victims install these apps on their devices, they replace the icon with the Google Chrome icon or use transparent icon images to free up space in the app drawer. and hide.
These apps secretly run in the background when launched and exploit your browser to launch advertisements and generate revenue for their operators.
Analysts also discovered several apps belonging to the FakeApp family that direct users to investment scam sites.
In other cases, Dr. Web discovered gaming apps loading questionable online casino websites in violation of Google Play policies.
Some notable examples of them are:
- eternal maze (Yana Pospielova) – 50,000 downloads
- jungle gem (Vaibhav Wable) – 10,000 downloads
- secret of the stars (Pepperstocks) – 10,000 downloads
- fire fruit (Candre Seville) – 10,000 downloads
- cowboy frontier (Precipice Game Studios) – 10,000 downloads
- enchanted elixir (Acomadyi) – 10,000 downloads
Finally, our antivirus team discovered two Joker family apps on Google Play that subscribe users to premium paid services.
- love emoji messenger (Korsinka Vimoipan) – 50,000 downloads
- beauty wallpaper hd (fm0989184) – 1,000 downloads
All apps featured in this report have been removed from Google Play as of this writing.
Still, users who may have installed them in the past should remove them immediately and run a full device scan using Play Protect and a mobile antivirus tool.
Dr. Web also published a list of all malicious Android app hashes that its analysts discovered on GitHub in the last month.
To avoid downloading malicious software from Google Play, keep the number of apps you install to a minimum, carefully read user reviews, and check if the publisher is trustworthy.