Meta has warned its users about 400 malicious apps listed on the Google Play Store that stole user login information and details. Out of which 4 apps are been highlighted by the researchers.
These apps looks genuine and embedded with hidden trojans through ads. With over one million downloads. Play Store has not taken down the apps yet and are still active on Google’s app store.
Researchers says that thevdeveloper’s modus operandi is to upload a clean app version before loading it up with malware.
Here are the four apps that you should get rid of if they’re on your device:
- Bluetooth Auto Connect
- Bluetooth App Sender Driver
- Bluetooth, Wi-Fi, USB
- Mobile transfer smart switch
These apps did not reveal any malicious behavior within 72 hours after download. After that period, these apps open phishing sites in Chrome. Some of those sites are relatively harmless and generate revenue if the user clicks on the ads. However, other sites are dangerous, attempting to trick users by displaying a message that their device is infected or needs an update.
Its highly recommend to unintsll these apps if you have them installed on your phone.
This research was documented by researchers from Malwarebytes