Connect with us

Android

Google drops the banhammer on a bunch of selfie-stealing fake apps

How did this get past Google’s screeners?

google play on android phone
Image: AndroidPIT

29 fake apps masquerading as beauty camera applications have been removed from the Google Play store after an investigation by Trend Micro.

The malicious apps got past the (mostly) automated security checks on the Google Play store, showing that Google still has a way to go if it wants to keep its Android app store safe for users.

Downloaded mostly by users in India and elsewhere in Asia, the photo apps all had various ways of scamming those users once installed. Some of the apps forwarded users to phishing websites in an attempt to get login details and other personal information. Some of these attempts were hidden with the ruse of claiming a prize. Others showed full-screen advertisements for pornography or fraudulent goods when the user unlocked their phone.

And then, some apps actually stole photos

selfie apps stealing your selfies

Image: TrendMicro

The worst bunch of the apps stole users photographs while promising to “beautify” them. Those photos taken were uploaded to a private server and instead of sending back a retouched image, a fake message telling the user to update the app would pop up. These stolen photos could then be used for fake social media profiles or other scummy uses.

The team at Trend Micro even found a supposedly-legit, paid porn app that when downloaded and paid for, wouldn’t play any content. Why anyone would pay for porn apps when there’s a bunch of free websites available I don’t know, but they got doubly-shafted.

The app creators used various methods to hide their true intentions

The creators of these apps used various means to hide their true intentions. A method of using compressed archives, known as “packers,” hid the initial payloads from Google’s scanners. The pop-ups didn’t indicate which app they were from, further making detection difficult. Some of the apps went even further, hiding the app’s icon from the user’s application list.

Overall, those 29 scammy apps were downloaded over 4 million times, maybe proving that beauty should be more than skin deep. Three apps made up the bulk of those downloads, with Pro Camera Beauty, Cartoon Art Photo, and Emoji Camera all being downloaded over a million times.

With scammers getting more technically-savvy, and Google having difficulty catching everything that’s uploaded to the Play store, it’s perhaps down to users to use their wits. Check the comments and reviews before downloading that new trending app – if anything makes you take pause, it’s probably not worth downloading.

What do you think? Have you ever been fooled by an app? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Maker, meme-r and unabashed geek. My hobbies include photography, animation and hoarding Reddit gold.

Comments

More in Android