More often than now, apps on Google Play Store carry malware. Thus, it is important to stay vigilant and diligent when downloading and installing any new app. This time, the newly-discovered malware-laden apps have been downloaded over two million times already thereby a lot of devices are compromised.
Fast Cleaner & Cooling Master is a trojan on the Google Play Store discovered by Cybersecurity Doctor Web. This app claims to optimize the OS thereby improving the Android performance on the device.
However, what it does is communicate with developers through AppMetrica Push SDK or Firebase Cloud Messaging, display ads on smartphones, or use those smartphones as proxy servers. If you have this app on your phone, third parties could route their traffic via your device.
Fortunately, the app has been downloaded only about a thousand times. Thus, it is not a huge malware breakout yet. However, Cybersecurity Doctor Web has discovered other trojans that use Firebase Cloud Messaging to communicate with their developers to load specific websites.
Suggested read: Here’s Some Malware on the Apple App Store!
They found three apps namely ‘Volume Music Equalizer’ with 50000 downloads, ‘Bluetooth device auto connect’ with one million downloads and ‘Bluetooth & Wi-Fi & USB’ driver with 100,000 downloads.
The ‘Bluetooth device auto connect’ app claims to improve Bluetooth connection and offer automatic connection to Bluetooth devices. Thus, you can bypass the Bluetooth settings of Android every time you wanted to link. This is not the only trojan with such a high number of downloads.
‘TubeBox’ has also been downloaded more than one million times. It enticed people with its easy way to make money. Users are required to watch videos with ads on the app which would generate coins and coupons that can be redeemed for real cash.
However, nobody could redeem the credits due to ‘problems reported by the app. This clearly shows the app never meant to give out money to users but the developers pocketed all the revenues.
Suggested read: Beware of these Apps that Might Steal Money from Bank Accounts
How to protect your device?
Google does not have any way to know whether or not a prospective app has malware. It cannot also alert users to suggest in that way before anybody chooses to download an app. Google takes steps to take down the app only when they learn about any malware within the app either by user complaint or other means.
Thus, you need to be alert to avoid downloading suspicious apps. Always read and inspect the app’s Play Store page completely before downloading it. For instance, check the name, the graphics, the app description, etc. Look for red flags like the app’s description does not match the intended use, moreover, they are poorly written, or words are misspelled.
Also, look for reviews. Whether you would find more positive or more negative reviews. If you see that there are no negative reviews and very few positive reviews or no reviews at all despite the app being downloaded million times, consider it to be malware-laden.