Another day, another malware targeting Android users. This time, 22 apps have been removed from the Play Store after security researchers found malware that drained users’ phone batteries and downloaded files without their consent.
These Android apps disguised themselves as legitimate software and in some cases even offered some functionality. The most popular of these was Sparkle Flashlight, a flashlight app that was downloaded over 1 million times.
According to the IT security researchers at Sophos, the Sparkle Flashlight app had been updated and had contained a hidden file downloader since March this year. It worked without the user’s knowledge and could download files from external servers without consent and click on hidden ad links, generating revenue for the criminals behind the attack.
Sophos classifies the malware in these applications as “Andr-Clickr-ad”. The apps run automatically on the user’s phone even if the user forces the app to close. They also drain the phone’s battery, as they are constantly processing the information sent by the apps, so the battery runs down in no time.
Ultimately, these apps generated real profit for cybercriminals through advertisements and also inconvenienced users by constantly draining the battery.
All 22 applications were removed from the Play Store by Google on Nov. 25, but it is not yet known whether the company remotely deleted the apps from mobile devices that had them installed.
Check out the full list of the 22 apps below. If any of the apps is installed on your phone, remove it immediately:
In 2014, a threat assessment report revealed that all of the top ten searched flashlight apps on the Google Play Store performed functions that went beyond the basic requirements of flashlight apps. Moreover, the report highlighted the fact that these apps had been stealing users’ personal data stored on their smartphones.
“Android is pretty ‘Wild Wild West’ because the apps are not well curated. People often misunderstand the warning not to download apps from unknown or trusted sources. They’ll say, ‘I got it off the Play store—I trust that source’ without realizing the unknown and untrusted author of the app is the actual source,” said Tripwire CTO Dwayne Melancon.
This is not the first time that gaming and utility apps on the Play Store have been infected with malware to make a profit. Previously, BankBot banking malware was found in flashlight and solitaire apps, targeting users’ financial data.