36 Malicious Android Apps Found on Google Play, Did You Install Them?

pcmag.com:

A fresh batch of 36 Android apps containing adware and malware have been discovered on the Google Play Store. They have been downloaded nearly 10 million times, some still remain available, and all need to be removed from Android devices immediately.

As BleepingComputer reports(Opens in a new window), the malicious apps were discovered(Opens in a new window) by Russian anti-malware company Doctor Web. The functionality advertised by the apps includes photo editing, virtual keyboards, system optimization, wallpaper changers, user interface skins, and a notes/lists app. In all cases, the apps have a secondary purpose of stealing social media accounts, showing the user intrusive ads, or signing them up to premium services.

For the adware-focused apps, each app asks permission to be placed on the battery saver exclusion list so it can run all the time. They also want permission to show overlay windows over other apps. Once installed, they will either hide their app icon or replace it with an icon and name for something else that suggests it's an essential system app. A full list of the malicious apps is included at the end of this article.

Three apps were discovered that use Android Joker malware to execute arbitrary code and subscribe users to premium mobile services without their knowledge. This trio of apps includes:

Poco Launcher

4K Pro Camera

Heart Emoji Stickers

A further two apps, called "Water Reminder- Tracker & Reminder" and "Yoga- For Beginner to Advanced," are used to automatically load websites and click links for banners and ads. Another, simply called "Chat Online," focuses on dating apps and attempts to grab your personal information or simulates a chat with a real person before demanding payment to keep on