Beware of These 4 Malicious Android Apps Can Steal Your Personal Data: Remove Them Immediately

The Google Play Store has several firewalls, but some apps can bypass it and harm your devices such as mobile phones and tablets. Researchers at Malwarebytes Labs have found four such apps that contain stealthy hidden malware. These apps lead to phishing tricks that can steal your data and personal information that you might not want to share with anyone else. They generate revenue through a pay-per-click model for hackers.

The four apps share a common developer, a group of mobile apps that have more than a million downloads. However, they are certified as safe on Google Play, however, according to a survey conducted by cyber security experts, each app contains a line of code “Android/Trojan.HiddenAds” and starts performing malicious activities after 72 hours of download to avoid any detection. Let’s learn more about it.

Uninstall these 4 apps now

The names of these four apps are Bluetooth Auto Connect (over 1 million downloads), Bluetooth App Sender (over 50,000 downloads), Controller: Bluetooth, Wi-Fi, USB (over 10,000 downloads) and Mobile Transfer: Smart Switch (over 1,000 downloading). Here are more details about the application.

Automatic Bluetooth connection

Package name: com.bluetooth.autoconnect.anybtdevices

App Name: Bluetooth Auto Connect

Developer: Mobile apps Group

MD5: C28A12CE5366960B34595DCE8BFB4D15

Controller: Bluetooth, Wi-Fi, USB

Package name: com.driver.finder.bluetooth.wifi.usb

App Name: Driver: Bluetooth, Wi-Fi, USB

Developer: Mobile apps Group

MD5: 9BC55834B713B506E92B3787BE83F079

Bluetooth App Sender

Package name: com.bluetooth.share.app

App Name: Bluetooth App Sender

Developer: Mobile apps Group

MD5: F764F5A04859EC544685E30DE4BD3240

Mobile transmission: smart switch

Package name: com.mobile.faster.transfer.smart.switch

App Name: Mobile Transfer: Smart Switch

Developer: Mobile apps Group

MD5: AEA33292113A22F46579F5E953596491

How do these 4 apps steal data?

All these apps are listed in the Google Play Store and are easy to find. If you have already installed them, please remove them immediately. The report states that these apps contain nasty malware and claim to guarantee strong Bluetooth pairing with any device. This could be a method to prevent Google Play from being detected by hackers.

After 3-4 days of installation, the app will start redirecting users to phishing pages in Google Chrome, even if your device is locked. The first tab with the malicious link opens and again another site on another tab. Sometimes it also opens adult websites. For example, the image below shows the app notifying users of potential malware on their phones and asking them to install a cleaner. There are two options, Install and Cancel. Clicking any of them will open another phishing site, so it is not recommended to click any button and close the tab.

If you click on any of the buttons on these sites, another site will open and the hacker will make money from it. These apps rely on a pay-per-click revenue model to earn and trick users into entering their details or clicking on any button. Every time you click a button, hackers make money from it.

The developers have yet to respond to the allegations, but it would be better to keep them aside for a while.

Leave a Comment