Google Play Store has several protection walls however some apps manage to bypass that and cause harm to your devices such as mobile phones and tablets. Researchers at Malwarebytes Labs have found four such apps that contain secret hiding malware. These apps lead to phishing tricks that may steal your data and personal information that you may not want to share with anyone else. They generate revenue via a pay-per-click model for hackers.
These four apps have a common developer, Mobile apps group that has over a million downloads. They are certified as safe on Google Play however, research done by cybersecurity experts, each app contains “Android/Trojan.HiddenAds” line of code and starts injecting malicious activities after 72 hours of downloading in order to avoid any detection. Let’s know more about it.
Uninstall These 4 Apps Now
The names of these four apps are Bluetooth Auto Connect (over 1 million downloads), Bluetooth App Sender (over 50,000 downloads), Driver: Bluetooth, Wi-Fi, USB (over 10,000 downloads), and Mobile transfer: smart switch (over 1,000 downloads). Here’re more details about the app.
Bluetooth Auto Connect
Package name: com.bluetooth.autoconnect.anybtdevices
App name: Bluetooth Auto Connect
Developer: Mobile apps Group
MD5: C28A12CE5366960B34595DCE8BFB4D15
Google Play URL: https://play.google.com/store/apps/details?id=com.bluetooth.autoconnect.anybtdevices
Driver: Bluetooth, Wi-Fi, USB
Package name: com.driver.finder.bluetooth.wifi.usb
App Name: Driver: Bluetooth, Wi-Fi, USB
Developer: Mobile apps Group
MD5: 9BC55834B713B506E92B3787BE83F079
Google Play URL: https://play.google.com/store/apps/details?id=com.driver.finder.bluetooth.wifi.usb
Bluetooth App Sender
Package name: com.bluetooth.share.app
App Name: Bluetooth App Sender
Developer: Mobile apps Group
MD5: F764F5A04859EC544685E30DE4BD3240
Google Play URL: https://play.google.com/store/apps/details?id=com.bluetooth.share.app
Mobile transfer: smart switch
Package name: com.mobile.faster.transfer.smart.switch
App Name: Mobile transfer: smart switch
Developer: Mobile apps Group
MD5: AEA33292113A22F46579F5E953596491
Google Play URL: https://play.google.com/store/apps/details?id=com.mobile.faster.transfer.smart.switch
How do these 4 Apps Steal Data?
All these apps are listed on Google Play Store and can be found easily. If you have installed them already, remove them right now. The report mentions that these apps contain nasty malware and are claimed to guarantee a strong Bluetooth pairing with any device. This could be a method to prevent Google Play to detect hackers.
Once 3-4 days have passed after installation, the app starts directing users to phishing sites in Google Chrome, even if your device is locked. It will open the first tab with a malicious link, and again another website in a different tab. Sometimes, it opens adult websites as well. For example, in the below image, it can be seen that the app is alerting users about the potential malware on their phones and asking them to install a cleaner. There are two options available, Install and Cancel. Clicking either of them will open another phishing site, therefore it’s advised not to click any button and close the tab.
If you click any of the buttons on these websites, it will open another website and the hacker will earn through it. These apps rely on pay-per-click revenue model to earn and trick users to enter their details or click any button. Each time you click on a button, hackers earn through it.
The developers are yet to respond on allegations, however it would be better to keep them away for a while.
