A new report reminds us to be careful when downloading new apps to our Android smartphones
Despite Google's strict security restrictions on the Play Store, malicious apps occasionally slip through the cracks
According to a report (opens in new tab) from antivirus maker Dr Web, millions of downloads of reward apps don't actually pay, and 10 investment apps and mobile games with over 450,000 downloads are actually phishing apps in disguise
As reported by BleepingComputer (opens in new tab), Dr Web found several questionable pedometer apps that offer financial rewards to users who stay active and meet daily distance goals Of these pedometer apps, the following three have been downloaded a total of 20 million times:
According to the report's findings, all three apps communicate with the same remote server address, making it likely that they are the same owner/developer Also, as of this writing, all are still available for download from the Play Store
While these pedometer apps offer monetary rewards to users, the apps themselves do not allow withdrawals until a certain reward amount is reached Even then, however, users of these apps must view the ads dozens of times before unlocking the reward At the same time, additional ad viewing is offered as a way to speed up the withdrawal process
While these apps are not as dangerous as the phishing detailed below, this is a type of adware that violates Google's policies and misleads users into believing that they can earn rewards by loading and using these apps on their Android smartphones These adware apps slow down smartphones and drain batteries rapidly
In addition to these shady pedometer apps, DrWeb has also found a number of actually malicious investment apps and games that steal data from users through phishing
The total number of downloads for these 10 apps exceeds 450,000, so if you have any of these apps installed on your smartphone, you need to remove them immediately Here is the full list of malicious apps that DrWeb discovered:
Fortunately, Most of these apps have already been removed from the Play Store, with the exception of Seven Golden Wolf Blackjack, which is still available for download as of this writing
After being installed on a potential victim's smartphone, these apps connect to a remote server and receive instructions on how to collect data This is done by loading a phishing site that asks users to enter sensitive information about themselves
While most of the apps in question have been removed from the Play Store, if you have these malicious apps on your smartphone or tablet, you still need to remove them manually
Before installing a new app on your best Android phone, you should first check its ratings and read the reviews available in the Play Store However, since app reviews can be faked, you should also look for outside reviews and video reviews that show how the app in question works
The best Android antivirus apps can protect you from malicious apps that spread malware, but detecting misleading apps or apps that direct you to phishing pages is a little harder So be careful when downloading and installing new apps Likewise, you should make sure that Google Play Protect is enabled on your Android device The built-in app scans all existing and newly downloaded apps for malware
However, in most cases, if an app seems too good to be true, it probably is Offering rewards is just one way scammers try to lure potential victims into malicious apps Limiting the number of apps you install on your device and removing apps you no longer use can help protect your smartphone and the sensitive data it contains
Comments