As hard as Google is trying to weed out malicious apps from the Play Store, hackers seem to be one step ahead. One modus operandi used successfully in the past to come clean in the Play Store scrutiny is to initially put up a clean copy of the applications, and then in consequent updates push the malware onto the unassuming devices having the app installed. Another fresh instance of this methodology has come to light in the Play Store, and you need to be aware if any of these apps is installed.
The discovery was made by McAfee Mobile Security that identified eight Android apps in total, guilty of serious unauthorized hacking methods to hijack user’s device. To an extent where under user’s nose, they were able to steal text message information for sensitive content like OTPs, and also make unauthorized purchases.
These apps listed in the Southwest Asia and Arabian Peninsula region were the ones to blame. After McAfee’s report, the apps were removed from the Play Store. Before being pulled off these had over 700,000 official installs.
Most of these apps were cleverly disguised as keyboard skins, puzzles, wallpapers, photo editors, or other camera-related apps. As mentioned before, these applications would turn malicious in the version update, and as soon as the user updated them, it spelled doom for them.
The apps are shunned out of Play Store, but if you have them installed you need to remove them manually, ASAP. The apps in question are – com.studio.keypaper2021, com.pip.editor.camera, org.my.favorites.up.keypaper, com.super.color.hairdryer, com.ce1ab3.app.photo.editor, com.hit.camera.pip, com.daynight.keyboard.wallpaper, and com.super.star.ringtones.
One fix to keep safe of harm’s way for any future attacks from apps disguised as legitimate is to not grant them permissions that are not needed. Android 12 might come with the native solution to this, but till then you’ll have to set the permissions manually.