Despite Google’s efforts, 16 malicious apps that contained the Clicker malware managed to bypass the search giant’s defenses and ended up in Google Play Store.
According to new Blog post (Opens in a new tab) From McAfeeThese nasty apps, masquerading as utilities like flashlights and calculators, have been downloaded more than 20 million times from the Play Store.
Fortunately, researchers from the cybersecurity company reached out to Google and all the apps involved have since been removed from the Play Store. However, if you have any of them installed on your Android smartphone or tablet, you will need to delete them manually.
These malicious applications and Malware They contain are not able to steal your identity or data but they are committing an ad fraud in the background. The danger here is that when these apps visit websites to earn revenue from ads, they drain your battery and that can also slow down your phone.
Delete these apps now
Here is the complete list of all 16 malicious apps that McAfee detected with permission from McAfee pirate news. You may notice that there are multiple instances of Flashlight+ but they are actually featured apps from different developers. They should be manually removed from Android devices as soon as possible to avoid additional wear of their batteries.
- high speed camera – More than 10,000,000 downloads
- Smart Task Manager – 5,000,000+ downloads
- flashlight + – 1,000,000+ downloads
- 달력 메모장 (notepad calendar) – 1,000,000+ downloads
- K-Dictionary – 1,000,000+ downloads
- Busan Bus – 1,000,000+ downloads
- flashlight + – Over 500,000 downloads
- Quick note – Over 500,000 downloads
- currency converter – Over 500,000 downloads
- Joy Code – 100,000+ downloads
- Izdeka – 100,000+ downloads
- Instagram Profile Downloader – 100,000+ downloads
- Notes – 100,000+ downloads
- 손전등 (flashlight) – More than 1000 downloads
- 계산기 (calculator) – More than 100 downloads
- flashlight + – More than 100 downloads
Hide their malicious behavior
While these 16 malicious apps do what their Play Store listings describe, they also download a remote configuration by executing an HTTP request after you open them. However, they have registered a Firebase Cloud Messaging (FCM) listener to receive push messages to commit ad fraud on your devices.
The cybercriminals behind this campaign are using FCM messages to let the in-app Clicker malware know which sites to visit for ad clicks. Not only does this consume your data plan and drain your battery, but it also makes money for cybercriminals.
Since these apps visit websites in the background, you won’t actually be able to tell that they’re doing so. Other malicious apps are much more dangerous but these apps put extra pressure on Best Android Phones upon installation.
How to stay safe from malicious apps and mobile malware
When it comes to protecting yourself from malicious apps, you should avoid downloading apps that don’t come from official app stores like Play Store, Amazon App Store or Samsung Galaxy Store. In this case, doing so wasn’t helpful but in general, you want to avoid this sideload apps On Android though, doing so can be tempting.
If you happen to download and install a malicious app, the Best antivirus apps for Android It can help you keep yourself protected. Likewise, you should make sure that google play for protection It is enabled on your Android smartphone because it frequently scans all your apps for malware.
Finally, if an app looks too good to be true, it probably is, which is why you should think carefully before installing any new apps on your devices.
ad fraud It is a very lucrative business for cybercriminals and for this reason, we will likely keep seeing malicious apps that visit websites to get clicks while draining your battery and slowing down your smartphone going forward.
[ad_2]