Android users note that new malware in the Google Play Store is coming for your data.
This new malware, “Facestealer”, can steal personal information on your phone, hijack your social media passwords by forcing fake logins and inflate your device with intrusive ads.
Security researchers at Doctor Web Anti-Virus discovered that Facestealer lurked in 10 Android apps in July 2021. Still, the latest batch of shady downloads includes 200 malicious apps, nearly all of which were available on the Google Play Store and other marketplaces. from third parties for several weeks before they were removed.
While the problem apps came from different categories, the most common were:
Fake VPN services cameras, photo editing apps, and- unsurprisingly- cryptocurrency-related apps.
The fake crypto apps were even seeded with additional malware that could potentially steal a user’s wallet keys.
All 200 apps have been removed from Google Play and other download sources. However, many of these apps managed to rack up thousands of downloads in the few weeks they were available. Of course, users did not intentionally download malware – such apps often appear legitimate on the surface and even include all of the advertised features or rip off the appearance and design of other apps to look more like the real thing.
These apps can even trick Google. While Google Play has built-in anti-malware protection and scans all apps uploaded to the service, malicious app developers have devised sophisticated ways to hide their unauthorized intentions. So while Google’s scans make things clear, the code hides simple commands that install a hidden malware payload or silently download it from a remote server in the background. (This is how other infamous Android malware like Joker and Squidward work too.)
While Google may eventually get to the bottom of these tricks, they’re often reactive rather than proactive, meaning new infection methods can pop up anytime and take weeks to resolve. This is a major flaw in Google’s and Android’s security measures and cannot be fixed overnight.
However, avoiding Android malware is not impossible; you must watch what you download to pto spot problematic apps proactively to avoid Android malware.
We’ve covered many of the telltale signs of a malicious app before, including (but not limited to) if an app:
Requests excessive and unrelated app permissions. For example, a VPN does not need access to your camera. Requires installation of “additional software” or attempts to sideload additional apps. Spams you with ads. You are suddenly asking for payment info to keep using free features (especially if those are freely available from other apps or already built into your device). It is an obvious rip-off from other popular apps. It is only available in sketchy or unknown third-party stores.
Not every bogus app will trigger red flags – that’s part of why they’re so common – so always check the reviews first. And I mean, read the reviews. Don’t just check the app’s star rating or the top-rated feedback. If you notice some 1-star reviews that evoke shady behavior or poor quality, or if the only reviews are 5-star reviews without much information, it’s probably fake.
And if you’re ever in doubt, don’t download it. And if you do download something that later turns out to be strange or an outright scam, please remove it, leave a review to warn others, and report the app to Google.