We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info
Android users are being warned about four dangerous apps that were available on the official Google Play Store marketplace. These apps, which were downloaded over 100,000 times onto Android devices, were secretly hiding the dangerous Joker malware. This infamous piece of malware is capable of signing Android users up for expensive subscription services without their knowledge, which can leave them hundreds of pounds out of pocket.
The four dangerous Android apps, which Google has now banned for good, were discovered by security firm Pradeo, who revealed its latest findings in a post online.
The apps Android users need to avoid are Smart SMS Messages, Blood Pressure Monitor, Voice Languages Translator and Quick Text SMS.
Pradeo told Android users to immediately delete these apps from their phones or tablets, if they’ve already downloaded them.
The mobile security firm said: “Pradeo just identified four new malicious applications embedding the Joker malware and acting as droppers, available for download on Google Play. Jointly, they have been installed by 100.000+ users.
“Users are advised to immediately delete these applications from their smartphones and tablets to avoid fraudulent activities.”
Phone security: How hackers can obtain private information
Pradeo said both Smart SMS Messages and the Blood Pressure app have a very dangerous feature, which is the ability to read one time passwords.
These limited-time codes are used when two factor authentication (2FA) is turned on, which is meant to provide an extra layer of security.
Pradeo said Smart SMS Messages steals these codes by taking screenshots, while Blood Pressure accesses notification content.
This all happens without a victim’s knowledge, with users only noticing the fraud when they receive their bills which can be weeks later.
Besides this dangerous functionality, all of the apps Pradeo highlighted are capable of downloading other malicious programmes onto a device.
Advising Android users on how to stay safe, Pradeo mentioned one thing these apps had in common which should make alarm bells go off in Android users’ heads.
They said: “We noticed several elements that compose a pattern when it comes to malicious applications on Google Play, and that could help users anticipate their malicious nature. First, their developers’ account only feature one app each. Usually once they are banned from the store, they simply create another one. Secondly, their privacy policies are short, use a template, never disclose the full extent of the activities the apps can perform and are hosted on a Google Doc or Google Site page. Finally, those applications are never related to a company name or website.”
If you’ve downloaded an of the apps mentioned above, here is how to delete them from your device…
Open the Google Play Store app
At the top right, tap the profile icon
Tap Manage apps and devices > Manage
Tap the name of the app that you want to delete
Source: Read Full Article