Wednesday, October 9, 2024
HomeAndroid4 Million Android Users Infected by Malicious Beauty Camera App From Google...

4 Million Android Users Infected by Malicious Beauty Camera App From Google Play that Steals Personal Pictures

Published on

Google play Store flooding the several malicious beauty camera apps that steal Android users sensitive images and apps, the malicious app was already downloaded by more than 4 million Android users.

Initially, these apps don’t indicate any malicious activities until infected users decide to delete the app and the maximum number of downloads originated from Asia.

These apps are difficult to uninstall since the hide its icon from the application list that make difficult to drag the app and uninstall from home page.

- Advertisement - EHA

For instances, one of the malicious app from Google play store called com.beauty.camera.project.cloud popups the pornography contents ads whenever infected users unlock the screen.

malicious beauty camera apps

Researchers found a paid online pornography player (detected as AndroidOS_PornPlayer.UHRXA) that was downloaded when clicking the pop-up.

29 apps were claiming to be camera or photo-editing related, with the top three, “Pro Camera Beauty,” “Cartoon Art Photo,” and “Emoji Camera,” getting over 1 million downloads each, while others like “Artistic effect Filter,” “Selfie Camera Pro,” and “Horizon Beauty Camera,” had over 100,000 downloads each.

Malicious Android Apps infection Process

Malicious ads are doesn’t indicate anything and its very difficult for users to determine that where it come from and who is behind these ads.

Some of the malicious Android apps are redirecting users to Phishing websites where the users tricks and give away their personal information, such as addresses and phone numbers.

malicious beauty camera apps

For instance, one of the apps that you can see in the above image indicates to force users to click OK that leads to one of the malicious websites which claim that the user wins the cash price and asking the personal details.

According to Trend micro “Further investigation led to another batch of photo filter-related apps that share similar behavior on Google Play. These apps seemingly allow users to “beautify” their pictures by uploading them to the designated server. “

malicious beauty camera apps

Finally, instead of edited photo result, Users getting the picture with a fake update prompt in nine different languages and the attackers collect the uploaded photo for malicious purpose.

All the malicious apps ware reported to Google and it was taken down from Google play but still already downloaded users are affected by these malicious apps.

Given that many of these malicious apps take great pains to look as legitimate as possible, users should always investigate the legitimacy of an app. One good method of doing this is by checking reviews from other users, Trend Micro said.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

2 Android Apps From Google Play Store Launching Banking Malware With Sophisticated Evasion Techniques

9 Fake Apps Found On Google Play With More than 8 Million Installs

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Badge and CyberArk Announce Partnership to Redefine Privacy in PAM and Secrets Management

Partnership aims to help businesses eliminate vulnerable attack surfaces and provide a more streamlined...

LemonDuck Malware Exploiting SMB Vulnerabilities To Attack Windwos Servers

The attackers exploited the EternalBlue vulnerability to gain initial access to the observatory farm,...

Critical Automative 0-Day Flaws Let Attackers Gain Full Control Over Cars

Recent discoveries in the automotive cybersecurity landscape have unveiled a series of critical zero-day...

Likho Hackers Using MeshCentral For Remotely Managing Victim Systems

The Awaken Likho APT group launched a new campaign in June of 2024 with...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Likho Hackers Using MeshCentral For Remotely Managing Victim Systems

The Awaken Likho APT group launched a new campaign in June of 2024 with...

Hackers Gained Unauthorized Network Access to Casio Networks

Casio Computer Co., Ltd. has confirmed that a third party illegally accessed its network...

Open-Source Scanner Released to Detect CUPS Vulnerability

A new open-source scanner has been released to detect a critical vulnerability in the...