Google Play Protect does screen every app for malware before a user downloads the app, but the tech giant still has more to do. Google very recently pulled 29 camera and photo editing apps from the Play Store after they were found to be pushing obtrusive ads, scamming users and even stealing content.
An investigation carried out by security researchers at Trend Micro found these apps displaying full-screen pop-up ads that linked to explicit content, while some went to the length of downloading a paid media player or redirecting to websites that collected users' phone numbers and addresses.
All 29 apps removed claimed to be camera or photo-editing related, with the top three, Pro Camera Beauty, Cartoon Art Photo and Emoji Camera, each getting over 1 million downloads. Other popular apps that were removed include Artistic Effect Filter, Selfie Camera Pro and Horizon Beauty Camera, each with over 1,00,000 downloads.
As per a blog post by Trend Micro, one of the tactics used by apps promising to let users edit and “beautify” their photos involved having them upload their photos to a server, and then responding with a fake prompt about needing to update. Instead of actually returning edited photos, the developers were able to collect users’ photos for other purposes.
Once installed on a smartphone, the malicious apps also hid their icons from Android’s list of applications, making it almost impossible for users to locate and uninstall them.
The research also revealed that the apps were using packers, an archive compression method that hid their contents from Google and other security systems.
While Google has done its bit in fishing the culprits out, there’s certainly no guarantee that such apps won’t be making their way into the Play Store in the future. The security researchers responsible for finding these malicious apps hence suggest that users pay attention to the comments left in app reviews and avoid any apps whose reviews mention suspicious behaviour or unwanted pop-up ads after installing.