Various Google Play apps send the users pornographic content and redirect them to phishing websites to collect their pictures.
Google is repeatedly purging its Play Store from malicious apps, but somehow these scammy apps again find their way into the world. In its latest attempt, Google removed 29 such apps, some of which had been already downloaded millions of times.
According to a Trend Micro report, various Google Play ‘Beauty Camera’ apps send the users pornographic content and redirect them to phishing websites to collect their pictures. These apps are capable of accessing remote ad configuration servers for carrying out attacks.
Interestingly, a large number of the download counts originated from Asia, particularly in India, indicating the demographics of the region more vulnerable to such attacks.
These malicious apps make it difficult for the user to delete them as they create a shortcut to the apps after being launched but hide its icon from the application list. The camera apps use packers that prevent them from being analysed.
One of the most common methods these apps carry out phishing attacks is by pushing several full-screen ads as soon as users unlock their devices. As none of these apps gives any indication of carrying out such ads, it gets difficult for the users to identify and delete them.