In September alone, over 335 million Android users were tricked into downloading malware-infected apps from the Google Play Store. In all, 172 apps containing threats such as adware and automatic sign-up for fraudulent subscription services circumvented Google’s store security mechanism called Play Protect.
The information was released on Tuesday, October 1st by ESET’s security researcher Lukas Stefanko. According to Lukas, apps with adware have been downloaded over 300 million times and account for 89% of infected app installs.
From a total of 48 malicious ad programs, at least 46 were owned by the same developer and have already been removed from the Play Store. Second, with over 20 million downloads, come apps which hid scams from the self-service subscription.
Other types of malware found on the Play Store include hidden ads, premium SMS subscription services, banking trojans, fake antivirus, and stalkerwares. It is noteworthy that the data released by Stefanko only indicate the number of downloads that applications have accumulated since the time they were discovered by the researcher. The number may be higher than indicated in the survey.
The good news is that, according to Stefanko, most harmful apps appear to have been removed by Google. “If not all, most of these apps are definitely no longer available on Google Play,” the researcher said in an interview with TNW.
If you are using an Android device watch out of Filecoder ransomware, refrain from clicking links on online forums, avoid apps from third-party app stores, download apps only when necessary and being careful about the permissions requested by apps.
Moreover, use a VPN when browsing, install reliable anti-virus software, keep your device updated and scan it regularly. You can choose any anti-virus program from these two lists (1), (2). Stay safe online!