7 apps to urgently uninstall from your smartphone

The Doctor Web antivirus has published its report for the month of May 2022. It warns of new and numerous threats present on Google Play.

The cybercriminal activities targeted by the report distribute their Trojans via the Google Play Store. And this, often under the guise of games and various software. For example, horoscopes, photo editors, utilities, etc. Thus, all the applications described in this article “downloaded fraudulent websites where attackers attempted to steal personal information and money from potential victims”, warns Doctor Web. The list of applications to remove urgently is at the end of the article.

The three trends

The report highlights three trends. First, he notices the decrease in the activity of the Trojan Android.Spy.4498, which exclusively attacks devices running Android. Its mission is to steal the content of notifications from other apps. For this, it also downloads and asks users to install other applications and is capable of showing various dialog boxes.

“Known versions of Android.Spy.4498 are bundled with some unofficial modifications (mods) of WhatsApp messaging, like GBWhatsApp, OBWhatsApp, WhatsApp Plus, etc”, says the report. Typically, attackers spread these mods through malicious websites.

Good news, the second trend concerns the decrease in the activity of advertising Trojans. Most often these are advertising banners capable of initiating the automatic download of malicious programs. On the other hand, Doctor Web warns in parallel about the appearance of new malicious applications.

Two malevolent families

During the whole month of April, Doctor Web analysts detected new malicious applications on Google Play. And more particularly, the Trojan horses of the family Android.Joker. The latter are capable of downloading and executing arbitrary code as well as subscribing users to paid mobile services. “One of them was hidden behind the ‘live’ wallpaper application Purple Live Wallpaper, the other – behind the QR Code Reader recognition program”says the report.

But that’s not all. Analysts have also reported the proliferation of new Trojans from the family Android.FakeApp. The attackers posed them as applications intended for receiving state aid by hiding them in programs titled “How to get compensation from the Russian Federation”, “Payments for citizens 2022” and “FRSP payments”. The researchers named them Android.FakeApp.930, Android.FakeApp.931 and Android.FakeApp.933.

Seven apps to delete

To follow, the list of applications to ban.

  • Magnifier Flashlight : The application conceals an advertising Trojan. This one displays video ads and banners that download malicious programs.
  • Wild & Exotic Animal Wallpaper : The application changes its icon to try to be invisible to the user and changes its name to “SIM Tool Kit”. The SIM toolkit, also called “SIM Application Toolkit”, or “SIM Tool Kit” allows the telephone user to have access to the services provided by the mobile operator. Clearly, it is a set of applications installed on a SIM card, allowing to activate certain functions desired by mobile operators. To achieve its attack, the Wild & Exotic Animal Wallpaper app asks the user for permission to be removed from the list of apps disabled by battery saver. Then, advertisements are regularly displayed on the screen of the device, even if the user has not used the application for a long time. Wild & Exotic Animal Wallpaper has been downloaded over a million times.

These two applications camouflage themselves by removing their icon from the list of installed applications and disappearing from the home screen.

  • PIP Camera 2022 : This camera app contains a virus. The report has over 50,000 downloads.
  • PIP Pic Camera Photo Editor : This is an image editor. For the moment, the application is also still available on the Play Store and has recorded more than a million downloads.
  • Camera Photo Editor and Light Exposure Photo Editor : the image-editing app duo no longer appears on the Store.
  • ZodiHoroscope – Fortune Finder : This horoscope application has 500,000 downloads. It is still available on the Google Play Store and contains a virus.

The mission of these latest five dedicated rogue apps is to steal the victim’s Facebook login credentials.

Follow Geeko on Facebook, Youtube and Instagram to not miss any news, tests and tips.

Leave a Comment

Your email address will not be published.