It’s been another tough week for Android. Numerous reports have flooded in over the past few days about more rogue apps that can infect devices and access personal data without permission. Now another new threat has been detected and this time it’s coming from applications that are aimed at boosting the performance of your phone.
According to the team Trend Micro, the latest bunch of Android apps that are attacking phones include services which claim to clean up your device and make it faster.
However, it appears instead of performing that much-needed task they actually set about installing all kinds of nasty bugs and hidden malware.
To make matters worse, the applications have been downloaded over 450,000 times during their tenure on the Google Play Store.
Explaining more, Trend Micro said: “We recently discovered several malicious optimiser, booster, and utility apps (detected by Trend Micro as AndroidOS_BadBooster.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes, perform mobile ad fraud, and download as many as 3,000 malware variants or malicious payloads on affected devices.
“These malicious apps, which are supposed to increase device performance by cleaning, organising, and deleting files, have been collectively downloaded over 470,000 times. Our telemetry shows that this campaign has been active since 2017.”
One of the apps in question, called Speed Clean, was able to launch innocuous looking adverts on the screen. However, Trend Micro said it was then able to observe malicious behaviour surreptitiously happening on the affected device.
The Speed Clean app was also capable of launching a transparent activity background to hide malicious content from the user.
Here’s a full list of apps and how many times they’ve been installed:
Shoot Clean-Junk Cleaner • 10,000+
Super Clean Lite • 50,000+
Super Clean-Phone Booster • 100,000+
Quick Games • 100,000+
Rocket Cleaner • 100,000+
Rocket Cleaner Lite • 10,000+
Speed Clean • 100,000+
LinkWorldVPN • 1,000+
H5 gamebox •1,000+
It’s worth noting Google has now removed these apps from its official store but if you have any of them on your phone then it might be wise to delete them immediately.
Offering advice to Android users about staying safe, Trend Micro says: “Fraudsters attempt to deceive users by making malicious apps look genuine, so users should do their due diligence before downloading any mobile app.
“Verifying an app’s legitimacy is typically done by checking user-created reviews on the Play Store.
“However, in this particular case, the malicious app is capable of downloading payloads that can post fake reviews unbeknownst to the user. Despite the slew of positive reviews, it does leave some red flags — even though different users left positive reviews, the comments they leave contain the same, exact text: ‘Great, works fast and good’. They also gave the app the same four-star rating.
“To avoid these types of threats, users can turn to security solutions that can thwart stealthy adware.”