Google Play, discovered 35 false security apps, install a total of over 6 million times.
Google Apps dangerous apps
In the official Google Play store, Eset security researchers have recently discovered 35 false security apps for Android mobile devices. Some of these apps, reports the National Cert site, have been featured on Google Play for years, with statistics showing a total of over six million installations.
Not all of these correspond to real downloads by users: there are in fact bots that commonly perform false downloads and then publish positive reviews to improve the evaluation of certain apps.
These potentially harmful apps present themselves as security tools, but their main purpose is to display unwanted ads and bogus security notices. In addition to annoying their victims with unwelcome advertising, disguising themselves as security software these apps also have some very negative side effects for users.
In the effort to imitate the basic functions of a true mobile security app, these fake apps operate by performing very primitive security checks that rely on a few trivial codified rules, often by detecting legitimate apps as malicious.
Furthermore, they create a false sense of security in the victims, which could expose them to real risks arising from malicious apps that are not detected as such. Among these 35 apps, only a handful – Eset’s analysis has shown – is distinguished by specific characteristics: one of these apps is not completely free as it offers a paid upgrade; an app has implemented a block function for primitive apps, easily circumvented; another app signals the other apps of this group as dangerous by default.
How the Fake Android Apps Mimic as Real Security Apps
All these counterfeit applications that have been reported by ESET are now being kept under the watchful eye of those who must monitor web security. These 35 apps include 4 specific categories that help avoid problems.
White list of packages and black list
Its popular whitelist apps like Facebook, Instagram, LinkedIn, Skype and others have few accredited apps.
Black list of permits
All apps (including legitimate apps) are marked if they require some of the listed dangerous permissions, such as sending and receiving text messages, accessing location data, accessing the camera, etc.
Whitelist of origin
All apps, except those of the official Android store, Google Play, are marked, even if completely harmless.
Black list of activities
All the apps that contain one of the activities in the blacklist: that is, parts of applications. This mainly affects some ads display activities.
You can refer to ESET for IOC and False AntiVirus app name.