Android malware has been on the rise over the past couple of years, we’ve just seen one of the worst attacks of this kind. ESET security researcher Lukas Stefanko found 13 apps with malware on the Play store, and said that more than 560,000 people downloaded these apps before Google took them down. Oh, and all these apps came from a lone developer named Luiz Pinto.
The malware was disguised as various games, and didn’t have any legitimate function; rather, they crashed every time they were launched. Now for the worst part: Stefanko said that before Google removed the apps, two of them were featured in the store’s trending section.
App functionality demonstration pic.twitter.com/11HskeD56S
— Lukas Stefanko (@LukasStefanko) November 19, 2018
The skeevy apps quietly installed malware on users’ devices, and deleted their own app icons so they’d be harder to find and remove. TechCrunch noted that the malware granted the attacker full access to its Android host device’s network traffic, which can be used to steal data. If you’ve installed any of these apps, you should uninstall them right away.
Over the years, Google has faced pressure from the Android community to bolster its security measures for the platform. In January, the company published a report claiming that it removed more than 700,000 malicious apps from the Play Store in 2017.
Last year, researchers found a piece of malware named Judy in 41 apps which reportedly affected 18.5 million devices. Security firm G Data noted in a report that, by Q3 2018, it counted over 3.2 million malicious Android apps in the wild, stay safe out there.