"Android Malware: A Million People Downloaded These Malicious Apps Before They Were Finally Removed From Google Play"
Google has removed some malicious apps from the Google Play Store that were downloaded by over a million Android users. The apps infected smartphones with malware and bombarded devices with malicious pop-up ads. According to cybersecurity researchers at Malwarebytes, the four identified as malicious were from a developer called Mobile apps Group. These apps were called 'Bluetooth Auto Connect,' 'Bluetooth App Sender,' 'Mobile transfer: smart switch,' and 'Driver: Bluetooth, Wi-Fi, USB.' The apps show no signs of malicious intent for at least a few days after installation. Furthermore, the malware does not immediately bombard victims with pop-ups and malicious links once the activity begins. First, after displaying the initial pop-up, the malware waits two hours before displaying the next ad. Following the initial delay, the app repeatedly opens tabs in Google Chrome to display advertising links in an attempt to generate clicks in order to generate revenue. The victim does not need to be actively using their phone for the pop-ups to appear, as the links can be opened in the background. This intrusive activity has made Malwarebytes classify the malware as Trojan malware instead of adware. Although the apps are no longer available for download, users who have already installed them will remain infected with malware unless they manually uninstall them. This article continues to discuss the removal and capabilities of the four malicious Android apps.