Google Removes 38 Malicious Applications from Google Playstore. As per the analysis by Whiteops, the apps were malicious and were removed by Google’s Playstore.
Google Removes 38 Malicious Applications from Google Playstore
Google Playstore removed 38 Malicious Applications after they served no other purpose than serving malware to its users. The applications were mostly selfie-taking based which had almost 600k downloads.
The research points out that, in January 2019, the first batch of such apps (21 out of 38) appeared on Google Play and concentrated on taking selfies or applying filters to pictures of users. But those were quickly removed from the Google Play store following the detection of their malware-like behavior.
The developers had modified their strategy by September 2019 and released a batch of 15 apps that had a much slower pace of removal. Two new apps, namely Rose Photo Editor & Selfie Beauty Camera and Pinut Selfie Beauty Camera & Photo Editor, were updated in November 2019 with “most of the fraudulent code,” to avoid detection, the paper said.
Whiteops said the applications were hiding the malicious parts of the code in the Extra Dex files than the packing binaries, which was used by older forms of malicious applications. The code also used Arabic Characters to avoid detection as some developers are not familiar with these characters.
These apps displayed out-of-context advertisements as stated, and in some cases, they removed app icons that made it difficult for users to uninstall the app from their Android devices. Though Google has removed these 38 apps from the app store, they are probably still installed on multiple devices.