Google boasts of robust security rules for its Play Store, promising safe downloads and strict action against malicious apps for users. But with millions of applications hosted on the storefront, there’s also a considerable amount of malicious content that can harm Android users. Now, prominent cybersecurity and anti-virus firm Kaspersky has claimed that Android users downloaded malware from Google’s Play Store over 600 million times in 2023. These infected apps include mini-game ads that collect user data, Minecraft clones, apps that promise monetary rewards, and more.
According to a report compiled by Kaspersky, citing various other reports and sources, malicious developers have found new ways to bypass Google’s security checks to list their apps on the Play Store. The firm found different kinds of infected content and applications downloaded via the storefront that pose a serious security threat to Android users. The biggest offender turned out to be suspicious apps with in-app mini-game ads that harvest data, with over 451 million downloads. According to the report, a malware called SpinOk was found infecting over 100 apps on the store this year, showing up as in-app mini-games promising monetary rewards while collecting user data.
The report also noted over 100 million downloads for apps infected with hidden ads and over 35 million downloads for ad-riddled clones of the popular game Minecraft. Thirty-eight Minecraft clones with hidden adware were found on the Play Store this year, the report said. Mojang’s Minecraft, a sandbox-style survival game, has over 50 million downloads on the Play Store and is thus a major target for bad actors.
Additionally, suspicious apps that promise monetary rewards also racked up 20 million downloads. These primarily include apps posing as health and activity trackers that promise lucrative rewards for completing physical activity goals. The report also mentioned over 40 apps, which were downloaded 2.5 million times, infected with background adware.
Two file manager apps with a total of 1.5 million downloads were also found collecting user data, despite claiming that they don’t do so. These spyware apps were reportedly sending key user data like contacts, location, photos, audio, video and more to servers in China.
Kaspersky experts also found Play Store apps infected with the Fleckpe subscription Trojan. These apps, when downloaded and run, would install a malicious payload on the user’s smartphone that collected country and cellular operator information. The malware then opened Web pages with paid subscriptions in the browser and maliciously subscribed the user to services.
The report also mentioned 50,000 downloads of an iRecorder screen recording app for Android. The app, which was uploaded to the Play Store in 2021, comes with malicious code that makes the app record sound from the smartphone microphone every 15 minutes and send it to the developers’ server.
Earlier this year, Kaspersky had found a cybersecurity threat that targeted iPhone users via a malicious iMessage attachment. The threat didn’t require users to do anything and utilised an iOS vulnerability to install spyware that took complete control of the device and user data.