The Google Play Store has several firewalls, but some apps can bypass it and harm your devices such as mobile phones and tablets. Researchers at Malwarebytes Labs have found four such apps that contain stealthy hidden malware. These apps lead to phishing tricks that can steal your data and personal information that you might not want to share with anyone else. They generate revenue through a pay-per-click model for hackers.
The four apps share a common developer, a group of mobile apps that have more than a million downloads. However, they are certified as safe on Google Play, however, according to a survey conducted by cyber security experts, each app contains a line of code “Android/Trojan.HiddenAds” and starts performing malicious activities after 72 hours of download to avoid any detection. Let’s learn more about it.
Contents
Uninstall these 4 apps now
The names of these four apps are Bluetooth Auto Connect (over 1 million downloads), Bluetooth App Sender (over 50,000 downloads), Controller: Bluetooth, Wi-Fi, USB (over 10,000 downloads) and Mobile Transfer: Smart Switch (over 1,000 downloading). Here are more details about the application.
Automatic Bluetooth connection
Package name: com.bluetooth.autoconnect.anybtdevices
App Name: Bluetooth Auto Connect
Developer: Mobile apps Group
MD5: C28A12CE5366960B34595DCE8BFB4D15
Controller: Bluetooth, Wi-Fi, USB
Package name: com.driver.finder.bluetooth.wifi.usb
App Name: Driver: Bluetooth, Wi-Fi, USB
Developer: Mobile apps Group
MD5: 9BC55834B713B506E92B3787BE83F079
Bluetooth App Sender
Package name: com.bluetooth.share.app
App Name: Bluetooth App Sender
Developer: Mobile apps Group
MD5: F764F5A04859EC544685E30DE4BD3240
Mobile transmission: smart switch
Package name: com.mobile.faster.transfer.smart.switch
App Name: Mobile Transfer: Smart Switch
Developer: Mobile apps Group
MD5: AEA33292113A22F46579F5E953596491
How do these 4 apps steal data?
All these apps are listed in the Google Play Store and are easy to find. If you have already installed them, please remove them immediately. The report states that these apps contain nasty malware and claim to guarantee strong Bluetooth pairing with any device. This could be a method to prevent Google Play from being detected by hackers.
After 3-4 days of installation, the app will start redirecting users to phishing pages in Google Chrome, even if your device is locked. The first tab with the malicious link opens and again another site on another tab. Sometimes it also opens adult websites. For example, the image below shows the app notifying users of potential malware on their phones and asking them to install a cleaner. There are two options, Install and Cancel. Clicking any of them will open another phishing site, so it is not recommended to click any button and close the tab.
If you click on any of the buttons on these sites, another site will open and the hacker will make money from it. These apps rely on a pay-per-click revenue model to earn and trick users into entering their details or clicking on any button. Every time you click a button, hackers make money from it.
The developers have yet to respond to the allegations, but it would be better to keep them aside for a while.
