Skip to main content

Delete these eight malware-ridden Android apps immediately

Security researchers from the firm Check Point have discovered two families of malware in apps on the Google Play Store: a new family called Haken and the resurgence of an older family called Joker.

Both families are “clicker” malware, meaning they take over users’ devices and fraudulently mimic clicks on ads. They can also access huge amounts of data, including anything displayed on screen or locally stored on a device. As well as stealing data, the malware can also sign up users for premium subscriptions they did not agree to.

According to the researchers, the apps which contained the malware appeared on the surface to be legitimate. They included camera apps and apps aimed at children, who are less able to identify the warning signs of an untrustworthy app. The eight apps in question are:

  • Kids Coloring
  • Compass
  • qrcode
  • Fruits coloring book
  • Soccer coloring book
  • Fruit jump tower
  • Ball number shooter
  • Inongdan

The researchers estimate that these eight malicious apps have been installed on over 50,000 Android devices. When considered in the context of the millions of Android users, that number is not huge. However, when considered in the context of how common malware in general is on the Play Store, the numbers tell a different story. In September last year, 25 malicious apps were discovered which had been downloaded more than 2 million times. And again in October last year, 42 malicious apps were discovered which had been downloaded more than 8 million times.

If you have any of the eight apps listed above installed on your device, then you should uninstall them as soon as possible. You should also check both your mobile phone bill and your credit card bill for any unauthorized transactions. The malware signs people up for subscriptions without their permission, so check in particular for subscriptions you did not authorize and unsubscribe from them.

The eight apps have now been removed from the Play Store, but this is a reminder to be careful when downloading Android apps as malware can be hidden in apparently legitimate-looking apps. Trusting that an app has been verified by Google because it appears on the Play Store is not enough.

“Some app developers have devised ingenious methods to conceal their apps’ true intent from Google’s scrutiny,” Check Point researchers wrote in a blog post. “Coupled with a fragmented Android ecosystem, in which a large number of device manufacturers infrequently offer critical OS updates, users cannot rely on Google Play’s security measures alone to ensure their devices are protected.”

Georgina Torbet
Georgina is the Digital Trends space writer, covering human space exploration, planetary science, and cosmology. She…
A dangerous new jailbreak for AI chatbots was just discovered
the side of a Microsoft building

Microsoft has released more details about a troubling new generative AI jailbreak technique it has discovered, called "Skeleton Key." Using this prompt injection method, malicious users can effectively bypass a chatbot's safety guardrails, the security features that keeps ChatGPT from going full Taye.

Skeleton Key is an example of a prompt injection or prompt engineering attack. It's a multi-turn strategy designed to essentially convince an AI model to ignore its ingrained safety guardrails, "[causing] the system to violate its operators’ policies, make decisions unduly influenced by a user, or execute malicious instructions," Mark Russinovich, CTO of Microsoft Azure, wrote in the announcement.

Read more