These apps have reportedly been identified to render fraudulent advertising in users' devices
Google has removed over 30 popular apps, including the ones that add beauty filters to your photos, from the Play Store after these were discovered to have malicious malware. These apps will not be available for download from the Play Store for new users, but the 20 million users who have already downloaded them need to make sure they uninstall the apps from their phones to avoid security mishaps. Among the 30+ apps, it's the third-party selfie apps that have found to be most fraudulent. As per security researchers WhiteOps, the apps have the ability to bombard users with unwanted ads and redirect them to websites without ever clicking on a link. It should also be noted that in some cases, it was nearly "impossible" for users to delete these apps once downloaded.
Here are the apps, published by WhiteOps, that have been removed from Google Play Store. If you have them installed, get rid of them as soon as possible.
Yoriko Camera 1,00,000
Solu Camera 5,00,000
Lite Beauty Camera 1 million
Beauty Collage Lite 5,00,000
Beauty and Filters camera1 million
Photo Collage and beauty camera 1,00,000
Gaty Beauty Camera 5,00,000
Pand Selife Beauty Camera 50,000
Cartoon Photo Editor and Selfie Beauty Camera1 million
Benbu Seilfe Beauty Camera1 million
Pinut Selife Beauty and Photo Editor1 millionMood Photo Editor and Selife Beauty Camera5,00,000
Rose Photo Editor and Selfie Beauty Camera1 million
Selife Beauty Camera and Photo Editor1,00,000
Fog Selife Beauty Camera1,00,000
First Selife Beauty Camera and Photo Editor5 million
Vanu Selife Beauty Camera1,00,000
Sun Pro Beauty Cameraa1 millionFunny Sweet Beauty Camera5,00,000
Little Bee Beauty Camera1 million
Beauty Camera and Photo Editor Pro1 million
Grass Beauty Camera1 million
Ele Beauty Camera1 million
Flower Beauty Camera1,00,000
Best Selfie Beauty Camera1 million
Orange Camera5,00,000Sunny Beauty Camera1 million
Pro Selfie Beauty Camera5,00,000
Selfie Beauty Camera Pro1 million
Elegant Beauty Cam-201950,000
The aforementioned apps have collectively amassed more than 20 million downloads. WhiteOps explained in its websites that these apps render fraudulent advertising in users' devices. "What these apps all have in common - besides their fraudulent tactics - is their focus on beauty. Most purport to be selfie apps that add beauty filters to users' pictures, while at the same time showing ads out of context and making it nearly impossible to remove the apps themselves."
In the time since that first app was published, the fraudsters published a new app every 11 days on average. Notably, most of these apps were available for a duration of around 17 days each before they were pulled down. "But even with an average of less than three weeks of time on the Play Store, the apps found an audience: the average number of installs for the apps we analysed was 565,833," the research reads.
If you're wondering how these apps avoid detection in the first place? Well, the White Ops paper notes that most of these apps use "packers" that are hidden in the APK in the form of extra DEX files. "Historically, packing binaries is a common technique malware developers use to avoid being detected by security software like antivirus. Packed files in Android are not new and can't be assumed to be malicious, as some developers use packing to protect their intellectual property and try to avoid piracy," the research paper added.
Apart from this, the developers also use Arabic characters, reducing readability for people, in various places of the apps' source code to avoid detection. "These numbers tell a story of a cat and mouse game, in which the Play Store hunts down the fraudster and keeps them in check by removing fraudulent apps as quickly as they're discovered. The fraudster likely developed a more robust mechanism to avoid detection and removal. A batch of 15 apps, all published after September 2019, had a much slower removal rate using those new techniques."