Connect with us

Android

Delete these Android apps if they are installed on your phone

The apps have been downloaded over 100,000 times.

google android 11
Image: Google

Whatever Google says about the security of the Google Play Store, it’s a fact that they don’t catch every malicious Android app that gets uploaded.

Researchers at ThreatFabric say they’ve found a dirty dozen of apps downloaded from the Google Play Store that are actually banking or crypto trojans, which resulted in over 300,000 infections by the dropper apps.

That’s a lot of malware, aimed at ferreting out banking details, cryptocurrency wallet secret phrases, contents of email inboxes, and more. So why didn’t Google pick up these malicious apps?

Well, even VirusTotal, one of the best sites to analyze suspicious files, had a “0/62 FUD score on VirusTotal at some point in time.” It’d be reasonable to expect any file, app, or URL with a similar score to be safe, so it’s really not a user error downloading the app.

Here are the Android apps you need to delete

If you have any of the apps downloaded below, make sure to delete them and update passwords:

  • Two Factor Authenticator (com.flowdivison)
  • QR CreatorScanner (com.ready.qrscanner.mix)
  • QR Scanner 2021 (com.qr.code.generate)
  • PDF Document Scanner – Scan to PDF (com.xaviermuches.docscannerpro2)
  • PDF Document Scanner Free (com.doscanner.mobile)
  • Gym and Fitness Trainer (com.gym.trainer.jeux)

  • Protection Guard (com.protectionguard.app)
  • Master Scanner Live (com.multifuction.combine.qr)
  • QR Scanner (com.qr.barqr.scangen)
  • PDF Document Scanner (com.docscanverifier.mobile)
  • CryptoTracker (cryptolistapp.app.com.cryptotracker)
  • Gym and Fitness Trainer (com.gym.trainer.jeux)

The apps even act legitimately for a period of time, then ask the user to do an in-app update for new features, like the one in the image below that shows an exercise app asking for additional exercises to be downloaded to the device.

Once the user downloads those ‘updates’, the Android app will ask for access to the Accessibility Services, and if enabled, has “full control over the device,” enabling the crooks to transfer money out of your bank account or other nefarious activities. Yikes.

android app downloading malware disguised as an update
Image: KnowTechie

Adding to the obfuscation, the apps only download the malicious update if the device details match their intended targets, like the Android version, location, and other information.

The malicious apps included Free QR Scanner 2021, which was installed 50,000 times, Gym and Fitness Trainer, which was downloaded 10,000 times, and ten others, which brought the total number of installs to over 100,000.

Again, it goes without saying that if you have any of these Android apps on your device (and check the package name to be sure), you should delete them as soon as possible.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in Android