Several Photo Editing Apps Found Stealing Users Photos

hacking news today 5/5 (4)
  • Researchers discovered several photo editing and beauty apps in Google Play Store stealing users photos.
  • At least 29 apps were discovered containing code capable of performing several malicious activities on the user’s phone.
  • Several apps also use packers to prevent them from being analyzed.
  • The apps have been now removed from the Google Play store

Security researchers have discovered several photo editing apps in Google Play Store stealing users photos.

Researchers from Trend Micro labs have discovered at least 29 photo editing and beauty apps in the Google Play Store containing code capable of performing malicious activities in users phone.

The malicious apps have been already downloaded by 4 million users before Google removed it from play store.

“We discovered several beauty camera apps (detected as AndroidOS_BadCamera.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes.” said in the blog post published by Trend Micro researchers.

The apps once installed immediately will not show any suspicious behaviour until users try to delete the app. After installing, it will create a shortcut and hides its icon from the application list.

The apps also use packers to prevent them from being analyzed.

Some apps push full-screen ads on users device for fraudulent or pornographic content whenever users unlock their devices.

Some apps redirect users to a phishing website and attempt to steal their personal information. Users are tricked by saying they have won some contest and asks their personal information such as addresses and phone numbers.

Researchers also discovered another set of photo filter or beautifying apps containing malicious codes which upload users photos to a remote server controlled by the attacker.

In these apps instead of showing of the final result of the edited photo, users are shown a fake update prompt in nine different languages which then is redirected to a phishing website.

Users are advised to always check the legitimacy of the apps before downloading it. Always check the reviews of the apps before downloading it and avoid installation if any suspicious behaviour were reported

Here below is the full list of malicious apps and no of users downloaded it:

APP NAMENO OF INSTALLS
Pro Camera Beauty
1,000,000+
Cartoon Art Photo1,000,000+
Emoji Camera1,000,000+
Artistic effect Filter500,000+
Art Editor100,000+
Beauty Camera100,000+
Selfie Camera Pro100,000+
Horizon Beauty Camera100,000+
Super Camera100,000+
Art Effects for Photo100,000+
Awesome Cartoon Art100,000+
Art Filter Photo50,000+
Art Filter Photo Effcts10,000+
Cartoon Effect10,000+
Art Effect10,000+
Photo Editor5,000+
Wallpapers HD5,000+
Magic Art Filter Photo Editor5,000+
Fill Art Photo Editor1,000+
ArtFlipPhotoEditing1,000+
Art Filter1,000+
Cartoon Art Photo1,000+
Prizma Photo Effect1,000+
Cartoon Art Photo Filter100+
Art Filter Photo Editor100+
Pixture100+
Art Effect50+
Photo Art Effect10+
Cartoon Photo Filter5+

For the latest cyber threats and the latest hacking news please follow us on FacebookLinkedin and Twitter.

You may be interested in reading:Blur Data Breach Potentially Exposed Data of 2.4 Million Users

Comments

Please rate this content