Fake beauty apps on Google Play Store enjoyed millions of downloads

Fake beauty apps on Google Play Store enjoyed millions of downloads

Fake beauty apps on Google Play Store enjoyed millions of downloads

Security researchers have discovered dozens of fake beauty apps on the Google Play Store that have no real functionality of their own but play advertisements on users’ devices, steal photos of app users, and redirect users to malicious phishing websites that ask for their personal information.

These apps have been surprisingly popular in Asia, particularly in India, where some of them, such as Pro Camera Beauty, Cartoon Art Photo, and Emoji Camera, have been downloaded over a million times and others such as Art Editor, Artistic Effect Filter, Super Camera, and Selfie Cam Pro have been downloaded hundreds of thousands of times by unsuspecting Android users.

Reviews of such apps on the Google Play Store suggest that those who downloaded them quickly realised that such apps were fake and were only introduced on the Play Store to play advertisements on user devices and to steal photos of users to create false profiles on social media. A majority of reviewers have given a 1-star rating to all of these apps.

Beauty apps played ads, redirected users to phishing sites

According to security researchers at Trend Micro, these apps were not only pushing harmless ads but were also malicious in nature as they redirected their users to fake websites where they were asked to provide their addresses and phone numbers to claim surprise gifts.

These apps also hid their icons from application lists in Android devices so that users could not delete them post installation. Some of these apps also used packers to ensure they could not be analyzed.

“The app will push several full-screen ads when users unlock their devices, including malicious ads (such as fraudulent content and pornography) that will pop up via the user’s browser. During our analysis, we found a paid online pornography player. None of these apps give any indication that they are the ones behind the ads, thus users might find it difficult to determine where they’re coming from,” the researchers said.

They were also able to find a number of other photo filter-related apps that allowed users to upload their photos and beautify them but instead of delivering final results, displayed a picture with a fake update prompt in nine different languages to users.

Trend Micro noted that the remote server, with which these photo filter-related apps communicate, is encoded with BASE64 twice in the code and the same technique is used by the apps to hide themselves as well.

If you have been using beauty camera apps or photo filter apps downloaded from the Play Store, you need not worry as Google removed these apps as soon as they were reported by Trend Micro. However, there is a possibility that there may be thousands of similar apps on the Play Store that may not be genuine, so in order to guard against them, do check out their reviews on the Play Store before downloading new apps.

ALSO READ: 36 mobile security apps on Play Store caught stealing user data and pushing ads

Copyright Lyonsdown Limited 2021

Top Articles

Amazon fined a staggering £636 million in Europe for GDPR violations

Luxembourg’s National Commission for Data Protection (CNPD) has imposed an unprecedented fine of €746 million (£636 million) on Amazon for GDPR violations.

SysAdmin Day 2021: Paying thanks to the unsung IT heroes

Today is SysAdmin Day when we should pay tribute to the system administrators working around the clock to keep business running smoothly

Former First Sea Lord says Royal Navy ships are vulnerable to hackers

A former First Sea Lord has warned that Royal Navy ships and Britain's merchant fleet could become sitting ducks for hackers if adversaries find ways to knock out satellite communications.

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]