ndroid users use Google Play Store to download a variety of applications including games, entertainment, and more. However, what if we tell you that there are 4 malicious Android applications present on Google Play Store that can lead you to harmful phishing sites and can even steal your private information secretly. Yes, according to the information, four malicious apps from developer Mobile apps Group are listed on Google Play and they are infected with Android/Trojan.HiddenAds.BTGTHB and have amassed at least one million downloads.
“A family of malicious apps from developer Mobile apps Group are listed on Google Play and infected with Android/Trojan.HiddenAds.BTGTHB. In total, four apps are listed, and together they have amassed at least one million downloads. Older versions of these apps have been detected in the past as different variants of Android/Trojan.HiddenAds. Yet, the developer is still on Google Play dispensing its latest HiddenAds malware,” according to a blog post by Malwarebytes.
The four Android applications that have been detected with the malware are:
1. Bluetooth Auto Connect
2. Bluetooth App Sender
3. Driver: Bluetooth, Wi-Fi, USB
4. Mobile transfer: smart switch
These apps have had a long history of being infected with different variants of HiddenAds. You are advised to delete these applications if you have them installed in your phone. According to the blog post, the apps open phishing sites in Google Chrome even when the device is locked. And as the user unlocks the device, they are taken to a new tab with the latest malicious site. After this you will observe new tabs opening frequently with a new site and that too automatically.
These malware range from using harmless tricks, generating revenue via pay-per-click to stealing users’ sensitive information.