Infiltrating the Google Play Store
Analysts at Dr. Web antivirus report that adware apps and data-stealing Trojans were among the most prominent Android threats in May 2022.
At the top of the report are spyware apps that can steal information from other apps' notifications, primarily to snatch one-time 2FA passcodes (OTP) and take over accounts.
Among the many threats that managed to infiltrate the Google Play Store, the following five are still available:
- PIP Pic Camera Photo Editor – 1 million downloads, malware masquerading as image-editing software, but which steals the Facebook account credentials of its users.
- Wild & Exotic Animal Wallpaper – 500,000 downloads, an adware trojan that replaces its icon and name to 'SIM Tool Kit' and adds itself to the battery-saving exceptions list.
- ZodiHoroscope – Fortune Finder – 500,000 downloads, malware that steal Facebook account credentials by tricking users into entering them, supposedly to disable in-app ads.
- PIP Camera 2022 – 50,000 downloads, camera effects app that is also a Facebook account hijacker.
- Magnifier Flashlight – 10,000 downloads, adware app that serves videos and static banner ads.
Bleeping Computer has contacted Google to inform them about the above applications and verify if the existing versions were cleaned and resubmitted or are still as dangerous as described in
Dr. Web's report.
However, judging from recent user reviews, these apps are still demonstrating malicious functionality and don't deliver on their features promises.