Nearly 30 malicious Android Apps have been found propagating malware through the Google Play Store. A wide range of application types with infections were identified:
- Image editing apps
- Virtual keyboards
- System tools and utilities
- Calling apps
- Wallpaper apps
- Launchers
- Camera apps
- Emoji sticker apps
Removal of these malicious apps can sometimes prove difficult, as they may hide their icon from the installed apps list or replace their icons to blend in. Several of these apps functioned as advertised on the Play Store and also performed malicious actions in the background.
Some of these apps request permissions to allow an adware infected app to draw over other apps, placing ads on top of other legitimate apps. One set of apps distribute Joker malware, which subscribes the user to paid mobile services without the user’s consent. Another set of apps included malware with the purpose of stealing Facebook accounts by presenting a legitimate Facebook login page but stealing the entered credentials. The final subset of these malicious apps prey on users by masquerading as dating apps, but instead trick the user into providing their phone number, or prompting the user to pay for fake “Premium Access” options to continue a chat.