Avoid Downloading Malicious Apps on Google Play

Google Play is every Android’s first go-to option for downloading apps. However, even this ever-famous application portal isn’t free from malicious apps directed toward conning the installers.

A renowned security firm, Malwarebytes Labs, has warned users against downloading and using these top four applications, which have collectively garnered 1 million downloads.

Per the security researchers at the firm, these apps hide Trojans, which serve adware and direct users to phishing sites.

Unsuspecting users click on an ad and end up with multiple open tabs, draining the battery and directing the users to phishing sites.

Who could have imagined that such applications housed within Google Play could also harbor intrusive content?

Mobile Apps Group’s Malicious Apps

If you have the following four apps installed on your Android device, you should uninstall them immediately:

Bluetooth App Sender: 50,000+ installs
Mobile transfer: smart switch: 1000+ installs
Bluetooth Auto Connect: 1,000,000+ installs
Driver: Bluetooth, Wi-Fi, USB: 10,000+ installs

Mobile Apps Group, the developer and marketer of these apps, has been penalized twice for disguising Trojans within their apps.

Despite its infamous reputation, the developer continues to market its applications on Google Play. The users of these apps haven’t provided favorable reviews for any of these apps on Google Play.

For example, one of the users has shared the following review for Bluetooth App Sender:

“Beware! This malicious app prompts you to install an “update” that is a clicker trojan.”

Another reviewer has updated the following review for Bluetooth Auto Connect on Google Play:

“This app installs popup adware! I must have installed this app accidentally, but I spent the last two weeks dealing with annoying ads that automatically open my browsers.

I’ve spent hours uninstalling/reinstalling apps, trying to find the culprit. Then I realized this morning that this app had a “welcome” notification, and when I clicked on it to close it, it opened a browser ad.

These ads are placed intentionally to make devs money every time they open. Reported this app to Google Play as well.”

Based on these user reviews, there is plenty of evidence to say that it’s not appropriate for users to download these apps.

Despite being Trojan adware carriers, the developer Mobile Apps Group continues to respond to user reviews, especially when users need help using these apps successfully on their devices.

The developer has used intelligent tactics to lead users to download and install apps on their devices. Without coercion, they can phish their users and create chaos in the lives of the users without lifting a finger.

How Do These Apps Work?

As per Malwarebytes Labs,

“Delaying malicious behavior is a common tactic to evade

detection by malware developers. This app uses delays quite a bit. After the initial delay, the malicious app opens phishing sites in Chrome.

The content of the phishing sites varies—some are harmless sites used to produce pay-per-click, and others are more dangerous phishing sites that attempt to trick unsuspecting users.”

The researchers at Malwarebytes Labs have given a good insight into how these malicious apps work. Usually, these apps wait for at least 72 hours before showing users ads.

Subsequently, when you click on ads, new tabs continue to open within the browser, even when the device is locked.

These adware sites steal sensitive information from the host devices while generating pay-per-click revenue for malware operators.

Imagine unlocking your device after a while and ending up with multiple open ad sites.

The developer hides these actions in an app log, encrypted with meaningless descriptors like “sdfsdf.”

Such extensions pass through automated code scanners seamlessly without raising red flags. However, manual reviewers can catch such malicious files easily with their descriptors.