Just as computers used to be the number 1 target for cybercriminals, the current use of virtual wallets, email accounts and bank credentials they positioned the cellphones within the favorite targets. All this is possible through malicious applications, a total of 18 recently discovered on Android, which are responsible for steal all kinds of information and install viruses.
While Google reviews apps from various developers around the world before placing them on its store Play Store for Android devices, some other with malicious code managed to bypass security.
Recently 18 available applications were discovered in the official store designed for steal private information from users.
What are the Android apps that steal data from your cell phone
The place Phone Arena indicated that at least three apps are still available for new installations, including one that has accumulated more than 50 thousand downloads worldwide. The rest, as expected, were removed from the Google Play download store.
One of the reasons those apps managed to survive the tech giant’s internal security system is that it has a average rating of 4.8so it would be considered a useful and safe option thanks to the fact that, of the 900 reviews it presents, the majority are positive.
This is possible because cybercriminals are also responsible for generating countless positive reviews with the intention of “hiding” better.
According to reports from various cybersecurity companies, such as Kaspersy or ESET, in most cases are presented as free productivity tools but, once they have been installed on the phone, they are responsible for stealing user information from phone numbers to email addresses, passwords and including credit card details.
Android phones, the most attacked
With 54% of the fleet of devices worldwide, according to data from Counterpointcyberthreats are aimed at violating the security measures of the Google operating system and the Google Play store.
The category of malicious applications that experienced the greatest growth was Spyware (170.2%). This type of threat can access the audio and video recordings of the smartphone, and the large increase in its detections means that attackers can find several ways to monetize personal or even company level data accessible through an Android device.
Lab52 researchers identified spyware that establishes complete control over the device and its contents if the malicious app’s permissions are accepted by the user. ESET detects this threat as “a variant of the Trojan Android/Spy.Agent”, which is number seven on the list of the top 10 Android threat detection.
For their part, researchers Joel Reardon and Serge Egelman of AppCensus discovered several applications available on Google Play that contained malicious code to collect phone numbers, email addresses and location data. Some of them had been downloaded more than 10 million times before Google took them down.
However, they later reappeared in the store, albeit without the software development kit (SDK) responsible for data collection. The researchers connected these applications with a company based in Panama which, according to the Wall Street Journal (paywall), is linked to a defense contractor that provides cyber intelligence services.
Furthermore, other spyware, installed thanks to a new distribution vector by more than 100,000 users, was described by Pradeo. The Facestealer spy software was available on the Google Play store as a Cartoon Photography and Social Engineering tool to steal Facebook credentials. Google later removed the malicious app from its store.
Other Android categories that saw a significant increase in detections were scam apps (27.7%), Clickers (31.6%) that present a form of ad fraud, and SMS Trojans (145.20%). This threat, which is the most visible in the monthly mobile bill of affected users, is represented in the list of Top 10 Android Threats.
Tips and recommendations to avoid malicious apps
In case you have downloaded one of the applications, the main thing is remove it completely. For that, you will have to access the settings menu of your phone and enter the apps section to see all the downloaded ones. Once selected, you must first press the “stop” option and the delete option.
To protect yourself from cyber scams, the cybersecurity company Kaspersky listed a series of recommendations. The main one, for example, is the download apps exclusively from official stores.
If you have downloaded an app whose user experience is at least curious on the phone, such as sending messages without explanation, overheating or opening meaningless pages; Immediately delete the app change all your passwords. Install a security solution on your cell phone.
Excessive permissions that an app may request are often indicators to watch out for. The specialists invite us to doubt the need they may have for access to the private data stored on the cell phone. In some cases, the user can deny some permissions and the app will work just fine.
Consider removing any sensitive data, such as credit card numbers or PIN codes, from your address book. To have this information protected it is better to store it in safe places.
The list of apps that you should not download on your Android
- Document Manager.
- Coin track Loan – Online loan (Préstamo online).
- Cool Caller Screen.
- PSD Auth Protector.
- RGB Emoji Keyboard (Teclado con emojis RGB).
- Camera Translator Pro (Camera Translator Pro).
- Fast PDF Scanner.
- Air Balloon Wallpaper.
- Colorful Messenger.
- Thug Photo Editor (Photo Editor).
- Anime Wallpaper.
- Peace SMSHappy Photo Collage.
- Smart Keyboard.
- Special Photo Editor.
- 4K Wallpapers.