Cyber security research firm Sophos published an update recently, cautioning Android users about 15 pesky apps which cleverly hide themselves on your device for forced advertising.
Sophos claims that more than a million devices across the world have these apps installed. Their .apk filenames are as follows:-
- free.calls.messages
- com.a.bluescanner
- com.bb.image.editor
- com.cc.image.editor
- com.d.bluemagentascanner
- com.doo.keeping
- com.e.orangeredscanner
- com.hz.audio
- cos.mos.comprehensive
- com.garbege.background.cutout
- com.hanroom.cutbackground
- com.jiajia.autocut.photo
- com.jiakebull.picture.background
- com.fruit.autocut.photo
Google has removed these apps from Play Store, a visual collage of these apps alongwith their icons is as follows:-
Source: Sophos
Developers of these apps employed various cunning techniques to deceptively inject themselves onto user devices.
Some apps even displayed fake warnings about incompatibility and the icon would disappear even from the launcher’s app tray; however, they would often change their names and get lost in your device directory.
Ultimately, many people gave up on the hassle.
Users are advised to download apps which have been reviewed online by an accredited publication or authority before downloading anything fancy.
Google’s take-down was prompted by an intimation by SophosLabs in July 2019.