Google bans 29 apps that may have stolen your photos
Editing photos on your smartphone is now quick and easy, thanks to numerous photo apps. But apparently, there were also some applications on the Google Play Store that were after your pictures.
The security company Trend Micro has found 29 apps in the Play Store aimed at generating user traffic and stealing their photos. Meanwhile, Google has removed the fraudulent apps from the Play Store, but they have been downloaded millions of times before and have already done a lot of damage.
The apps are listed in the Security Center as "AndroidOS_BadCamera.HRX" and are initially inconspicuous immediately after installation. A little later, however, some of them download fraudulent or pornographic content and show it as a full-frame display when unlocking the smartphone. Others try to lure users to counterfeit websites to get personal information.
Furthermore, the apps upload the images of users to private servers if they want to apply a filter to a photo using the photo editing app, for example. Since this function is usually not included at all, the user gets an error message that he should download an update for the app. Also, some free video players were among the suspicious apps.
How did the apps get onto the Play Store?
As Trend Micro's detailed analysis shows, the apps have flown under the radar of Google's Play Protect security system by hiding the malicious code in encrypted packages. In addition, they had been coded twice using the Base64 method.
Am I affected?
Along with the malware analysis, Trend Micro has of course also published a list of apps that you can use to check if you might be affected:
These are the malfunctioning apps
|Packet Name||app name||installations|
|com.beauty.camera.years.pro||Pro Camera Beauty||1.000.000+|
|Com.cartoon.art.photo.ygy.camera||Cartoon Art Photo||1.000.000+|
|<font color="#ffff00">-==- proudly presents||Emoji Camera||1.000.000+|
|art.eff.filter.photo.editor||Artistic effect filter||500.000+|
|<font color="#ffff00">-==- sync:ßÇÈâÈâ||beauty camera||100.000+|
|com.selfie.camerapro.pro||Selfie Camera Pro||100.000+|
|com.camera.beauty.kwok.horizon||Horizon Beauty Camera||100.000+|
|<font color="#ffff00">-==- sync:ßÇÈâÈâ||Art Effects for Photo||100.000+|
|<font color="#ffff00">-==- sync:ßÇÈâÈâ||Awesome Cartoon Art||100.000+|
|com.photoeditor.artfilterphoto||Type Filter Photo||50.000+|
|com.photocorner.artfilter.arteffect.prizma||Art Filter Photo Effcts||10.000+|
|<font color=#38B0DE>-==- Proudly Presents||art effect||10.000+|
|<font color="#ffff00">-==- proudly presents||Wallpapers HD||5.000+|
|com.perfectmakeup.magicartfilter.photoeditor.selfiecamera||Magic Art Filter Photo Editor||5.000+|
|appworld.fillartphotoeditor.technology||Fill Art Photo Editor||1.000+|
|com.artphoto.artfilter.artpiczone||kind of filter||1.000+|
|com.photoeditor.cartoonphoto||Cartoon Art Photo||1.000+|
|com.photoeditor.prismaeffects||Prizma Photo Effect||1.000+|
|com.cmds.artphotofiltereffect||Cartoon Art Photo Filter||100+|
|com.latestnewappzone.photoartfiltereditor||Art Filter Photo Editor||100+|
|timepassvideostatus.photoarteffect.cartoonpainteffect||Photo Art Effect||10+|
|com.techbuzz.cartoon filter||Cartoon Photo Filter||5+|
However, as Trend Micro once again points out, almost all malware apps also had negative ratings, which should serve as a clear indication to other users against downloading them. The advice of the security company is, therefore, the same: "Read ratings first!" Here it is particularly noticeable if an app has a particularly large number of 5 and 1-star ratings in equal measure.
Did you get it? Did you have one of the malware apps on your smartphone?
Via: Android Police Source: Trend Micro
Generally trust Play Store for this stuff, but since I have an anti-malware app (BitDefender) for APKs, that also scans Play Store installations, I'd be curious if third-party products were detecting these culprits. That has been the case for some past malware.
Google didn't like the competition of "borrowing" user data ;)