- Researchers discovered several photo editing and beauty apps in Google Play Store stealing users photos.
- At least 29 apps were discovered containing code capable of performing several malicious activities on the user’s phone.
- Several apps also use packers to prevent them from being analyzed.
- The apps have been now removed from the Google Play store
Security researchers have discovered several photo editing apps in Google Play Store stealing users photos.
Researchers from Trend Micro labs have discovered at least 29 photo editing and beauty apps in the Google Play Store containing code capable of performing malicious activities in users phone.
The malicious apps have been already downloaded by 4 million users before Google removed it from play store.
“We discovered several beauty camera apps (detected as AndroidOS_BadCamera.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes.” said in the blog post published by Trend Micro researchers.
The apps once installed immediately will not show any suspicious behaviour until users try to delete the app. After installing, it will create a shortcut and hides its icon from the application list.
The apps also use packers to prevent them from being analyzed.
Some apps push full-screen ads on users device for fraudulent or pornographic content whenever users unlock their devices.
Some apps redirect users to a phishing website and attempt to steal their personal information. Users are tricked by saying they have won some contest and asks their personal information such as addresses and phone numbers.
Researchers also discovered another set of photo filter or beautifying apps containing malicious codes which upload users photos to a remote server controlled by the attacker.
In these apps instead of showing of the final result of the edited photo, users are shown a fake update prompt in nine different languages which then is redirected to a phishing website.
Users are advised to always check the legitimacy of the apps before downloading it. Always check the reviews of the apps before downloading it and avoid installation if any suspicious behaviour were reported
Here below is the full list of malicious apps and no of users downloaded it:
|APP NAME||NO OF INSTALLS|
|Pro Camera Beauty||1,000,000+|
|Cartoon Art Photo||1,000,000+|
|Artistic effect Filter||500,000+|
|Selfie Camera Pro||100,000+|
|Horizon Beauty Camera||100,000+|
|Art Effects for Photo||100,000+|
|Awesome Cartoon Art||100,000+|
|Art Filter Photo||50,000+|
|Art Filter Photo Effcts||10,000+|
|Magic Art Filter Photo Editor||5,000+|
|Fill Art Photo Editor||1,000+|
|Cartoon Art Photo||1,000+|
|Prizma Photo Effect||1,000+|
|Cartoon Art Photo Filter||100+|
|Art Filter Photo Editor||100+|
|Photo Art Effect||10+|
|Cartoon Photo Filter||5+|
You may be interested in reading:Blur Data Breach Potentially Exposed Data of 2.4 Million Users