The Google Play Store has a somewhat checkered history when it comes to apps and malware. Run a quick Google search, and you’ll soon find examples of apps that have been removed because they conceal malware.
One such app, CamScanner, was downloaded more than 100 million times before anyone picked it up. This app started out innocently enough. The initial version uploaded to the Play Store had no malware embedded. More recent versions, however, do contain adware.
That’s bad enough, all adware really costs you is time, irritation, and maybe some data. There’s a more insidious threat, though. Other forms of malware sign you up for a subscription service without your knowledge.
The monthly charges are usually small enough that you don’t notice them for a few months. Over time, though, it all adds up. One of the most recent forms of this malware was discovered by Aleksejs Kuprins.
Kuprins discovered the so-called Joker malware in 24 applications on the Google Play Store.
What’s So Special About Joker?
Joker signs you up for a subscription service, as mentioned above. What makes extra sneaky, though, is that it is location-specific. It’s designed to target mainly Asian and European users. Fortunately, for now, the only African countries that seem to have been targeted are Ghana and Egypt.
Remove These Apps if They’re Installed on Your Phone
These apps were identified and removed by the Play Store. If you did install them before this, get rid of them immediately. It’s also a good idea to check if you’ve been charged for anything on your bank statement.
- Advocate Wallpaper
- Age Face
- Altar Message
- Antivirus Security – Security Scan
- Beach Camera
- Board picture editing
- Certain Wallpaper
- Climate SMS
- Collate Face Scanner
- Cute Camera
- Dazzle Wallpaper
- Declare Message
- Display Camera
- Great VPN
- Humour Camera
- Ignite Clean
- Leaf Face Scanner
- Mini Camera
- Print Plant scan
- Rapid Face Scanner
- Reward Clean
- Ruddy SMS
- Soby Camera
- Spark Wallpaper
How Many Users Have Been Affected?
That’s hard to say. The apps identified by Kuprins had been downloaded around about 472 000 times. Unfortunately, we have no real way of knowing if other apps are affected. Considering that there were 2 800 000 apps in the Google Play Store, it’s easy for apps to slip under the radar.
Other Potential App Issues
Unfortunately, this problem is rife in the Play Store. Google’s policies regarding checking apps are not as strict as is the case with the Apple Store. As a result, we can expect to see more issues such as this cropping in the future.
Cybersecurity researcher, Lukas Stefanko, found 172 apps with malware of some sort in the store in September of 2019. These totalled up to a mind-boggling 335,952,400 downloads at the time. That’s really scary stuff.
Fleeceware, which also operates on a subscription model is another one to watch out for. The downside of this software is that it’s technically not illegal. All that happens is that you’re paying a lot more for a service than you should.
These apps typically charge a large subscription fee for software that’s available for free. There’s no malware involved, so they’re difficult to pick up. The problem is that you’ll typically be charged even if you only use the app once.
Other users have complained that, despite having cancelled the app before the trial period expired, they still got charged. The big deal here is that there’s virtually no way of recovering that money.
How to Protect Yourself
It pays to remember to apply good cybersecurity principles whenever you’re online. Stick to recognized app stores when looking for apps. Google Play isn’t perfect, but it offers more protection than many others out there.
It’s also worth noting that many of these apps are available from the developer’s website. Don’t download from these sites unless the company is trusted.
Don’t just assume that because it’s on the app store, it’s safe. Believe it or not, those fleeceware products did spell out exactly how they’d deduct money. But it was buried in the terms and conditions.
The buyer is warned. As boring as the Ts and Cs are, it’s vital to read them. It’s also essential to read through reviews of the app at the store. Then run a Google search on the app and the developer to be on the safe side.
Check what the app features are. Very few apps are unique, so look around. You might even have an app that already covers most of the features. Understanding what the features are is also an essential security protocol.
When you move to install the app, it will ask for access to certain features of your phone. Malicious apps will often ask for access to areas on your phone that aren’t necessary. Ask yourself if the access it’s requesting makes sense.
Why would a fashion app, for example, need access to the calls you make?
At the end of the day, with a little research and a dose of commonsense, you’ll also be able to sniff out the bad apps.
By Chris Usatenko
Edited by Jenna Delport
Follow Jenna Delport on Twitter
Follow IT News Africa on Twitter
