These sketchy Android apps were so obviously malicious

By- Shipra Das
  • In 2020, a new batch of sketchy Android apps has been identified.

White Ops Satori Threat Intelligence researchers got a little cheeky in a blog post,

that walks through new research identifying a slew of sketchy Android apps found to contain malware,

barely asserted much of a legitimate purpose — and yet somehow managed to amass at least 3.5 million downloads.

“We’ve got a quick mobile app safety tip or two for you:

If the downloaded app is playing hide and seek with you,

the icon disappearing from your home screen, it might be bogus,”

We’re referring, of course, to the constant whack-a-mole style hunt for dodgy,

malicious apps that keep sneaking into the Google Play Store,

and fooling millions of users into downloading them,

a saga we’ve chronicled often here.

The White Ops Satori Threat Intelligence team, meanwhile, continues:

“If the only way you can open the app is by going into your Settings menu

and finding it in a long list of apps, it might be bogus.

  • These 29 Android apps was downloaded at least 3.5 million times.
The results of this investigation by the researchers turned up more than two dozen mobile apps with “suspiciously” high ad traffic volume — 29 Android apps in all,

with so-called code facilitating out-of-context (or, OOC) ads.

The researchers’ report spotlights one of the apps in particular,

called Square Photo Blur, and points to some giveaway signs that it’s malicious.

First of all, “Thomas Mary” is the developer’s name.

“Almost certainly bogus,” the report helpfully points out.

Another red flag here was the fact that customer feedback in the app’s reviews section was almost universally negative against the developer.

The reviews also suggested the app didn’t really do much of anything and bombarded users with ads.

This wasn’t as bad as another report of malicious Android apps found

and booted from the Google Play Store.

 

Shipra Das

