Malware apps with over 2 million downloads found on Google Play Store

Cybersecurity researchers at Mr Web antivirus have discovered a slew of new malware, adware, and phishing apps on the Google Play Store that have amassed over two million downloads.

The apps masquerade as helpful utilities and system optimisers when instead, they contribute to degraded performance and user experience and allow ads to infiltrate the Android operating system.

One such example is an app called TubeBox — which was still available on the Google Play Store yesterday, Sunday, 4 December 2022.

TubeBox alone accumulated more than a million downloads. The app has since been removed from the store.

TubeBox promises monetary rewards for watching videos and ads using the app but fails to deliver on these promises. It presents a range of errors when trying to redeem rewards.

Dr Web listed several other malicious apps available on the Google Play Store, including:

• Bluetooth device autoconnect (1 million downloads)
• Bluetooth & Wi-Fi & USB driver (100,000 downloads)
• Volume, Music Equaliser (50,000 downloads)
• Fast Cleaner & Cooling Master (500 downloads)

These apps receive commands via Firebase Cloud Messaging, causing them to load websites that display ads on infected devices.

The Fast Cleaner & Cooling Master app can also configure infected devices to act as proxy servers, allowing malicious actors to push their own traffic through the device.

Dr Web also found various scam loan apps that claim to have a direct link with Russian banks and investment groups. The apps average 10,000 downloads each.

Now read: Discord launches server subscriptions, lets creators charge up to R3,500 a month

Subscribe to our daily newsletter

Malware apps with over 2 million downloads found on Google Play Store