Alphabet’s Google (NASDAQ: GOOGL) has banned more than two dozen fake Android apps from the Google Play store after an investigation found that they were stealing users’ photos and data. The 29 apps were discovered to contain malicious code and to be using a variety of tricks to evade Google’s automated security measures. All of the apps have now been removed from the Play store.
All of the apps that have been removed were advertised as “beauty camera” applications. In total, the 29 apps were downloaded more than 4 million times, with a large number of the downloads originating in Asia, mostly in India. Three of the apps, Pro Beauty Camera, Cartoon Art Photo, and Emoji Camera, accounted for more than 3 million of the downloads, with well over a million downloads each. Eleven of the others were downloaded at least 100,000 times.
The malicious apps were found to be carrying out a number of reprehensible activities. Some of the apps would send users to phishing websites, while others attempted to steal users’ personal information by asking them to claim a prize. Some apps popped up advertisements for fraudulent or pornographic content with no indication to the user that the app was responsible for the pop-ups.
Several of the apps were found to be actively stealing users’ photos by uploading the photos to a private server to be accessed by the malware designers behind the apps. It is believed that these stolen photos are being used for other fraudulent activities, such as being posted as social media photos on fake accounts. These fake beauty apps were hidden from a user’s application list, making them difficult to uninstall.
According to reports, all of the apps made a great effort to appear as legitimate as possible while using various techniques to get around Google’s scrutiny. Some of these techniques included encrypting functions so that they couldn’t be detected, using packers (compression archives), and executing malicious code on a timer so that it would only activate after the app had already been scanned.