Anti-malware suites classify it either as Hiddad or as an unknown risk

Nov 20, 2018 17:21 GMT

Thirteen apps installed 560,000 times by Android users were recently found by security researcher Lukas Stefanko to have no real functionality besides spreading malware and posing as driving simulation games in the Google Play Store.

Stefanko described his findings in a series of Twitter posts: once installed and launched on the Android device, the apps, developed and published by Luiz O Pinto, hide by deleting their icon and prompt the victims to download an extra APK (Android application package).

Following the installation of the APK file, the fake apps start displaying ads on the compromised devices and, according to some reports, cause the Android device to slow down noticeably.

Although Stefanko was not able to pinpoint the exact malware family used by the attackers behind these fake apps, a VirusTotal scan of the APK used to drop the ad-distributing malware on the infected Android devices does provide a few hits.

At least two anti-malware suites label it as the Hiddad Trojan, a few of them identify it as a Trojan using heuristics, while a few others mark it as an unknown risk.

According to Avira, the Hiddad Android Trojan is known for asking users to give five-star ratings to the malicious apps it powered, in exchange for removing the ads it displayed, in order to boost their store ratings. (Spoiler: it didn't.)

Some of the fake apps appeared in Google Play's top rankings 

If the malware found by the security researcher is the Hiddad Trojan, it might seem that its 'developer' decided to remove the risk of being detected as a result of pestering the victims with rating requests.

Fortunately, right after the researcher reported the apps to Google on Monday, they were removed from the official Android store.

Despite this, it is quite curious that Google did not at least catch a whiff of something being out of place, given that there were reports about the fake apps' malicious behavior and that they were doing their best to camouflage themselves as other popular apps by imitating their store graphics.

What is even more worrying is that fake apps of this type, with no real functionality to speak of, managed to be installed on more than half a million Android devices.

Even more so, the Google Play store was also promoting them, with at least two of the apps (i.e., Car Driving Simulator and Luxury Cars SUV) ranking third and ninth in the Top New Free Racing Games while they were still available for download.
