It’s unfortunate how often we hear about apps containing malware on the Google platform (not that Google is alone in having a malware problem). Every time we learn about new Trojans, it’s a reminder to be diligent when downloading new apps. This time, the newly discovered applications have more than two million combined downloads, which means many devices have been compromised.
Cybersecurity company Doctor Web discovered a Trojan on the Play Store under the name “Fast Cleaner & Cooling Master”. The app claimed to optimize the OS and improve Android performance on your smartphone. Instead, the app secretly communicates with its developers via Firebase Cloud Messaging or the AppMetrica Push SDK, displays ads on victims’ smartphones, or uses those devices as proxy servers. If you had the app installed on your Android, for example, third parties could route their traffic through your device.
This app had fewer than 1,000 downloads, which, while not ideal, is not a huge malware leak. However, Doctor Web also discovered other Trojans that used Firebase Cloud Messaging to communicate with their developers, this time to load specific websites. They discovered three apps that fit here: “Volume, Music Equalizer” with 50,000 downloads, “Bluetooth, Wi-Fi and USB” driver with 100,000 downloads, and “Bluetooth device auto connect” with a million downloads. “Bluetooth device auto connect” was advertised as a solution to improve your Bluetooth connection, as well as providing automatic connection to Bluetooth devices so that you could, in theory, bypass Android’s Bluetooth settings menu every time you wanted to connect.
“Bluetooth device auto connect” is not the only Trojan with so many downloads. “TubeBox” also had over a million downloads on its own, probably because it attracted people as an easy way to earn money. Users would only need to watch ad-supported videos in the app, which would theoretically generate coins and coupons that they could then redeem for real money. The problem was that no one could redeem their credits due to “issues reported by the app”. As you might guess, the app was never intended to pay users money. Instead, the developers kept all the ad revenue generated from users’ viewing. While we don’t have stats on those numbers, the fact that the app has been downloaded over a million times means that the scammers likely made off with a fair amount of ad money.
Protect yourself from malware apps in the Google Play Store
Unfortunately, Google doesn’t have any kind of alert to suggest that an app you’re looking at is potentially malware. Once an app is approved, it appears in the store like any other, until Google learns something about the app that leads to its removal. However, there are steps you can take to keep yourself and your device safe.
First of all, always inspect the Play Store page of an app in its entirety before downloading it. Does the application name make sense? “Bluetooth, Wi-Fi and USB” is a horrible name for an app and it screams malware at me. Then check the graphics and description of the application. Does everything seem carefully designed and well put together? Does the application description match the intended use? Are there things misspelled? Those can be big red flags.
Reviews are also very helpful. Often, users who download malware complain about the app’s effects on their phone. You might see negative feedback about the number of ads being shown to users, how slow it makes their phone, or how the app doesn’t do anything it’s designed to do. If you see enough of these warning signs, you should stay far away.