But now, Google has given an urgent warning that affects over a million Android users. Read on to see if you’re affected by the latest security risk. Despite the tech giant’s best efforts, Android phones have been no stranger to new security threats in recent months, especially regarding app or software downloads. Last month, cybersecurity firm Kaspersky announced that it had discovered three apps in the Google Play store that contain Trojan-style hacker software known as “Jocker.” After posing as another popular or well-known program, unsuspecting users who download the malware can run up costly bills as cyber criminals sign up for various expensive subscriptions to other services.
Smartphone users are accustomed to installing many apps to complete various tasks, regardless of their level of technical expertise. In most situations, the software can extend your device’s capabilities, allowing you to do everything from post to social media and manage recipes to checking current weather and avoiding traffic jams while running errands. According to Statista, the Google Play Store has 3.48 million apps available for download and the Apple App Store had 2.22 million programmes available for download as of early 2021. Despite the vast array of goods offered, both firms go to considerable pains to ensure that their hardware and software are safe to use.
On June 14, antivirus company Dr. Web announced that it had discovered a popular app on Google’s Play Store containing potentially dangerous malware, The Sun reports. The program, known as PIP Pic Camera Photo Editor, was downloaded by more than a million Android users before Google discovered the threat and blocked access to the program earlier this week. However, the cyber firm warns that those who still have the program installed on their devices are still at risk of identity theft from the nefarious software.
In April, another app-related security issue came to light when financial cybersecurity firm ThreatFabric announced in a blog post that it had discovered a new version of an infamous piece of Android-targeting malware known as “Octo.” The notorious program allows crooks to fully take over any devices that install it, allowing them to commit identity theft or steal other sensitive information from the hardware. And in March, Google announced that it had banned dozens of apps from its Google Play marketplace after a private investigation discovered that a company involved in their development had designed them to secretly collect and transmit data on users who had downloaded them, The Wall Street Journal reported. But now, experts have discovered another potentially serious threat related to the devices.
But while the camera editor app may have been the most popular Trojan-style program the antivirus firm discovered, it wasn’t the only one. The investigations also found that more than half a million users each downloaded the Wild & Exotic Animal Wallpaper and ZodiHoroscope programs, which run battery-draining ads and steal Facebook credentials from victims, respectively, IT website SecNews reports. Fifty thousand users also downloaded PIP Camera 2022, which also operates as Facebook account hijacking software. And 10,000 Android users installed adware disguised as the Magnifier Flashlight app.
According to Dr. Web, Android users who unwittingly download the app believing they can use it to touch up photos are actually installing malware that steals their Facebook login credentials, including their username and password. Cybercriminals then use the information to commit identity fraud online, gain access to other accounts, and send scam messages to the victim’s contacts, The Sun reports.
While Google has since removed some of the affected apps from its Play marketplace and blocked downloads of others, anyone who installed the programs onto their devices could be at risk, experts at Dr. Web warn. They advise immediately deleting the software and running an antivirus sweep of any phone to ensure the malware is entirely removed. Users should also secure their Facebook accounts by changing their passwords immediately.
Experts warn that even though the best way to avoid accidentally downloading malicious software is by sticking to official app marketplaces such as the App Store and the Play Store, certain threats can still slip through the cracks. In reporting the results of its investigation last month, Kaspersky recommended always reading user reviews of programs before downloading them. They also suggest being careful of which permissions you grant to new apps, cautioning to “only allow access to notifications for apps that need it to perform their intended purposes—for example, to transfer notifications to wearable devices. Apps for something like themed wallpapers or photo editing don’t need access to your notifications.”