Researchers at McAfee have found 16 malicious apps infected with Clicker malware in Google Play Store. These apps have been downloaded over 20 million times. Soon after researchers reported this to Google, Google removed all the apps from the Play Store. People who have these apps installed on their Android phones or tablets will have to remove them manually.
These malicious apps cannot stream your data but can do ad fraud. So, these apps were running continuously in the background and draining the battery.
These malicious apps were listed as useful utility apps like Flashlight, QR Readers, Camera, Task managers, and Unit converters. Once the app is opened for the first time, it downloads its remote configuration by executing an HTTP request. Once the configuration is downloaded, it registers the FCM. Then the app starts ad fraud sing remote configuration and FCM techniques.
Here is the full list
- High-Speed Camera (com.hantor.CozyCamera) – 10,000,000+ downloads
- Smart Task Manager (com.james.SmartTaskManager) – 5,000,000+ downloads
- Flashlight+ (kr.caramel.flash_plus) – 1,000,000+ downloads
- 달력메모장 (com.smh.memocalendar) – 1,000,000+ downloads
- K-Dictionary (com.joysoft.wordBook) – 1,000,000+ downloads
- BusanBus (com.kmshack.BusanBus) – 1,000,000+ downloads
- Flashlight+ (com.candlencom.candleprotest) – 500,000+ downloads
- Quick Note (com.movinapp.quicknote) – 500,000+ downloads
- Currency Converter (com.smartwho.SmartCurrencyConverter) – 500,000+ downloads
- Joycode (com.joysoft.barcode) – 100,000+ downloads
- EzDica (com.joysoft.ezdica) – 100,000+ downloads
- Instagram Profile Downloader (com.schedulezero.instapp) – 100,000+ downloads
- Ez Notes (com.meek.tingboard) – 100,000+ downloads
- 손전등 (com.candlencom.flashlite) – 1,000+ downloads
- 계산기 (com.doubleline.calcul) – 100+ downloads
- Flashlight+ (com.dev.imagevault) – 100+ downloads
If you have any of these apps installed on your phone, uninstall them now.
I always recommend people avoid installing APKs from unknown websites to be safe. But what about malicious apps that make their way to Play Store easily? Google should seriously improve its malware scanning to prevent such malicious apps from landing on the Play Store. You should also enable Google Play Protect on your phone which frequently scans all of your apps for malware.
