36 fake security apps on Google Play to avoid.

Cao Cuong January 9, 2018 15:00

Security researchers have discovered 36 malicious Android apps disguised as security tools on the Google Play store.

Security Defender, Guardian Antivirus, Smart Security, Security Keeper, Deep Cleaner, và Advanced Boost là các ứng dụng nguy hiểm nhất trong số 36 ứng dụng độc hại bị phát hiện - Ảnh: Life Wire.
Security Defender, Guardian Antivirus, Smart Security, Security Keeper, Deep Cleaner, and Advanced Boost are among the most dangerous of the 36 malicious apps detected. (Image: Life Wire)

According to Trend Micro, most of these apps are "advertised" as offering users numerous security features including junk file removal, battery saving, scanning, CPU cooling, app locking, Wi-Fi security, email security, and more. However, they actually collect data, track user location, and bombard users with spam ads.

Security Defender, Guardian Antivirus, Smart Security, Security Keeper, Deep Cleaner, and Advanced Boost are among the most dangerous of the 36 malicious apps detected. Trend Micro stated: "They operate 'stealth,' not appearing in the launcher's app list on devices like the Google Nexus 6P, LGE LG-H525n, Xiaomi MI 4LTE, and ZTE N958St to avoid detection. On other devices, they will display a pop-up window on the phone's screen."

These applications can collect a wealth of user and device information, then send it to a remote server, including Android ID, Mac ID, IMSI, operating system details, device model, language, location, data from other installed applications such as Facebook and Google Play, and even specific information like screen size.

The researchers added: "When installing a new app, you receive a notification about the storage space and a check before activation. However, when downloading these malicious apps, no data is displayed. This tactic is designed to avoid Google Play's checks and prevent user suspicion."

Besides malware warnings, users also encounter a barrage of spam ads constantly appearing on their screens. These fraudulent ads persist even when the device is locked or unlocked, or when connected to a charger.

Once users click the suggested "Resolve" button, they are further tricked. They are then asked to agree to an End User License Agreement (EULA) to remove the ads. However, researchers argue that if users accidentally click it, "the collection and transmission of personal data will no longer be related to the app's functionality."

Trend Micro has now notified Google about these fake applications.

Source: tuoitre.vn
Copy Link
0 0 0
x
36 fake security apps on Google Play to avoid.
Google News
POWERED BYFREECMS- A PRODUCT OFNEKO