Warning to delete EIGHT ‘dangerous’ Android apps that steal your cash and read your texts
EIGHT scam apps that steal their users' texts and cash have been discovered by cyber security researchers.
With a total of 700,000 installs, the software posed as wallpapers, keyboard skins, puzzles, photo editors and other camera-related apps.
- Read all the latest Phones & Gadgets news
- Keep up-to-date on Apple stories
- Get the latest on Facebook, WhatsApp and Instagram
Security giant McAfee said in a on Monday that the apps were listed in the Google Play Store in Southwest Asia and the Arabian Peninsula.
Google removed them from the store after receiving reports from McAfee.
"A new wave of fraudulent apps has made its way to the Google Play store," researchers Sang Ryol Ryu and Chanung Pak said.
"The malware embedded in these fraudulent apps hijack SMS message notifications and then make unauthorized purchases."
Apps go through a review process before they're allowed onto the Play store, but fraudsters found an easy way around this.
To get past Google's wardens, the apps were initially submitted as "clean" apps before the malicious code was added through a series of updates.
Attackers would then make purchases using the victim's credit card, making a bucket-load of cash in the process.
McAfee is calling the malware Android/Etinu.
Even though they've been removed from the Play store, the apps could still be on your phone.
If anyone of the following are lurking in your app library, make sure you delete them, pronto.
- com.studio.keypaper2021
- com.pip.editor.camera
- org.my.favorites.up.keypaper
- com.super.color.hairdryer
- com.ce1ab3.app.photo.editor
- com.hit.camera.pip
- com.daynight.keyboard.wallpaper
- com.super.star.ringtones
McAfee said it expected apps like Etinu that hijack SMS notifications will "continue to flourish" in future.
The US firm advised users of the Play store to keep an eye on the permissions apps ask for when you download them.
"It’s important to pay attention to apps that request SMS-related permissions and Notification Listener permissions," researchers wrote.
"Simply put, legitimate photo and wallpaper apps simply won’t ask for those because they’re not necessary for such apps to run.
"If a request seems suspicious, don’t allow it."
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered...
- How to get your deleted Instagram photos back
- How can I change my Facebook password?
- How can I do a duet on TikTok?
- Here's how to use your iPhone's Apple logo as a BUTTON
- How can I change my Amazon Alexa voice in seconds?
- What is dating app Bumble?
- How can I increase my Snapchat score?
- How can I test my broadband internet speed?
- Here's how to find your Sky TV remote in SECONDS
Most read in Phones & Gadgets
In other news, Apple experts have leaked some interesting details about the 2022 iPhone lineup.
Facebook is trialling a video call speed dating app called Sparked.
READ MORE SUN STORIES
And, Google is bringing out a feature to help Android users avoid collisions while texting and walking.
Have you spotted any dodgy Android apps recently? Let us know in the comments!
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]