New applications infected with malware, and more specifically by Trojan horses, have once again been discovered in the Play Store. Remove them quickly if you have already installed them, they are dangerous!
Once again, numerous corrupted applications have been discovered in the Play Store, Google’s app store for Android – you can’t change good old habits! Despite the security tools and measures that the Redmond firm deploys, hackers are constantly developing new strategies aimed at circumventing them. This time, computer security researchers from Doctor Web have spotted sixteen compromised applications, some of which are quite popular. With more than two million installations, they pose as games, instant messaging or even applications specializing in finance. In reality, they contain several Trojan horses associated with the fearsome FakeApp, Joker and HiddenAds malware families, well known to cybersecurity researchers.
Android malware: Trojan horses hidden in applications
The application with the most victims is called Super Skibydi Killer, with more than a million installations. It promises a game in which players take on the role of a “super killer” and attempt to assassinate their enemies with shots. In reality, once installed, Super Skibydi Killer, like other games, “hides” itself from the user using transparent icons on the home screen or icons resembling the Google Chrome browser, and empty the framework of their name to hide. When the victim accidentally presses it, the Trojans launch the browser and continue running in the background, launching advertisements in order to generate revenue. Two other applications contain malware from the Joker family, which subscribes users to paid services. Cybersecurity researchers have also discovered several fake financial apps (for stock trading and home accounting) that load fraudulent sites where victims are encouraged to become investors. Finally, other games in the Play Store load questionable online casino websites. Here are the main infected applications:
- Super Skibydi Killer – 1,000,000 downloads
- Agent Shooter – 500,000 downloads
- Rainbow Stretch – 50,000 downloads
- Rubber Punch 3D – 500,000 downloads
- Love Emoji Messenger – 50,000 downloads
Eternal Maze – 50,000 downloads
Jungle Jewels – 10,000 downloads
Stellar Secrets – 10,000 downloads
Fire Fruits – 10,000 downloads
Cowboy’s Frontier – 10,000 downloads
Enchanted Elixir – 10,000 downloads
Beauty Wallpaper HD – 1,000 downloads
- GazEndow Economic – 1,000 downloads
- FinancialFusion – 1,000 downloads
- Financial Vault – 500 downloads
- MoneyMonitor – less than 500 downloads
The apps have since been removed from the Play Store. However, if you have already installed one of them on your smartphone, remove it immediately. Keep in mind that just because you download an app from an official store doesn’t mean you don’t run any risks. This is why we recommend that you only install applications that you really need and delete those that you no longer use. Before each download, take the time to check the little details that might tip you off – number of downloads, reviews, developer name, authorization requests, other apps developed… Finally, use an antivirus in background in order to verify that malicious behavior is not taking place in the background.