EIGHT scam apps that steal their users’ texts and cash have been discovered by cyber security researchers.
With a total of 700,000 installs, the software posed as wallpapers, keyboard skins, puzzles, photo editors and other camera-related apps.
3
Security giant McAfee said in a blog post on Monday that the apps were listed in the Google Play Store in Southwest Asia and the Arabian Peninsula.
Google removed them from the store after receiving reports from McAfee.
“A new wave of fraudulent apps has made its way to the Google Play store,” researchers Sang Ryol Ryu and Chanung Pak said.
“The malware embedded in these fraudulent apps hijack SMS message notifications and then make unauthorized purchases.”
3
Apps go through a review process before they’re allowed onto the Play store, but fraudsters found an easy way around this.
To get past Google’s wardens, the apps were initially submitted as “clean” apps before the malicious code was added through a series of updates.
Attackers would then make purchases using the victim’s credit card, making a bucket-load of cash in the process.
McAfee is calling the malware Android/Etinu.
Even though they’ve been removed from the Play store, the apps could still be on your phone.
3
If anyone of the following are lurking in your app library, make sure you delete them, pronto.
- com.studio.keypaper2021
- com.pip.editor.camera
- org.my.favorites.up.keypaper
- com.super.color.hairdryer
- com.ce1ab3.app.photo.editor
- com.hit.camera.pip
- com.daynight.keyboard.wallpaper
- com.super.star.ringtones
McAfee said it expected apps like Etinu that hijack SMS notifications will “continue to flourish” in future.
The US firm advised users of the Play store to keep an eye on the permissions apps ask for when you download them.
“It’s important to pay attention to apps that request SMS-related permissions and Notification Listener permissions,” researchers wrote.
“Simply put, legitimate photo and wallpaper apps simply won’t ask for those because they’re not necessary for such apps to run.
“If a request seems suspicious, don’t allow it.”
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
Apple unveils brand new purple iPhone
INSTA-GONE
Instagram will automatically BLOCK ‘abusive DMs’ – how it works
FRESH APPLE
Apple unveils NEW iPhone colour, location-tracking AirTags & first 5G iPad
NEW SLATE
Apple’s FIRST 5G iPad has a better screen than TV – and is faster than a laptop
MAC TO THE FUTURE
Apple unveils redesigned iMac with range of new colours
LOST AND FOUND
Apple finally reveals AirTag devices that mean you’ll never lose your keys
VIRTUALLY REAL
Amazing 3D holograms let pals have meals together HUNDREDS of miles apart
In other news, Apple experts have leaked some interesting details about the 2022 iPhone lineup.
Facebook is trialling a video call speed dating app called Sparked.
And, Google is bringing out a feature to help Android users avoid collisions while texting and walking.
Have you spotted any dodgy Android apps recently? Let us know in the comments!
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
This post first appeared on Thesun.co.uk
