The digital store of the Play Store app hosted several photo editing software that actually stole users' images
The phenomenon of malware disguised as legitimate apps on the Play Store Google is certainly not new, but from time to time it still knows how to amaze for the number of victims it manages to involve. According to what Trend Micro recently discovered, a series of malicious applications have hidden in Google's digital store that for a long time have been able to act undisturbed with a dual purpose: to redirect users through fraudulent or pornographic websites and to steal the photos in the memory phone. The apps counted are about thirty, have already been removed from the digital store but before the report they managed to get downloaded several million times.
Malware all disguised themselves as photo editing app: among the most downloaded apps with more than a million downloads each are Pro Camera Beauty, Cartoon Art Photo, Emoji Camera and other fake software with generic but captivating names. The promise was always the same: the quick and easy application of beautification filters, for which they asked for permission to access the internal memory of the phone. After the photos were uploaded to a remote server, the required filters they didn't come for applied: in its place, a screen required updating the app in order to see the modified image; following the proposed link led to fraudulent sites. In other cases the app disappeared, disguising itself, from the list of downloaded software, but left as a memento of the annoying full screen popups, which are also gateways to fraudulent websites.
In fact, in 2017 Google launched a renewed internal defense system in its Play Store which, not in this case, did not prove to be exactly foolproof: as Trend Micro reports, to escape the controls of the Mountain View house algorithms, the malware was enough disguise your content and the address of the servers they were in contact with. The best defense against this type of threats as always common sense, and in this case a prior review of reviews to apps: in the cases analyzed, alongside enthusiastic five-star reviews, there were just as many from one; similar schemes often hide one contrast between authentic and bogus assessmentswhich should be suspicious.