29 Malicious Android Apps with 3.5 Million Downloads: New Scam Campaign

Security researchers have discovered 29 malicious Android apps that have been downloaded a total of 3.5 million times, flooding users with strange advertisements. This is the latest campaign by cybercriminals targeting the Google Play Store.

All of these malicious programs disguise themselves as photo editing software. In reality, none of the promised features are actually implemented. Instead, users are bombarded with random ads.

The scam apps try to hide their presence on the device by removing their icons from the home screen immediately after installation.

According to a report from White Ops specialists, a total of 29 malicious apps were found in the Google Play Store. After analyzing the fraudulent software, it became clear that it generates a suspiciously large amount of ad traffic.

Researchers named the cybercriminals’ campaign “ChartreuseBlur” because most of the apps included the word “Blur” in their names. This makes sense, as the apps were presented as photo editors that allow users to blur certain parts of an image.

All of the intrusive ads appear out of nowhere and make it difficult for people to use their devices normally.

Experts who studied the software emphasized that the malicious component does not reveal itself immediately. There are three stages in the “evolution” of the malicious Android app code. In the first two stages, the code is relatively harmless, but in the third stage, the app’s activity becomes highly suspicious.

You can view the full list of malicious apps, their developers, and the number of downloads in the report available here (PDF).