+ Sunday August 18th, 2019

Security form Trend Micro posted on their site detailing the discovery of some 29 malicious camera in from the Google Play store.

The good news? They’re gone – removed by Google. The bad news? They collectively ranked up a few million downloads, and apparently managed to evade Google Play Protect while doing so.

Many of the apps say they’re applying filters or effects, but in reality just upload an image to a remote server and show a deliberate error message.

In the worst cases, the user is shown ads and pornographic images. Some of the apps also attempt to hide themselves to evade uninstall attempts, and show full screen ads as users unlock their phones.

Trend Micro also suggests checking the reviews of apps before downloading them, noting the “U” pattern of review scores on most of these apps indicated a glut of (likely fake) 5-star reviews countered by a flood of 1-star user reviews. With little to no middle ground, something could be afoot.

The full list of apps:

Art Editor
Art Effect
Art Effect
Art Effects for Photo
Art Filter
Art Filter Photo
Art Filter Photo Editor
Art Filter Photo Effcts
ArtFlipPhotoEditing
Artistic effect Filter
Awesome Cartoon Art
Beauty Camera
Cartoon Art Photo
Cartoon Art Photo
Cartoon Art Photo Filter
Cartoon Effect
Cartoon Photo Filter
Emoji Camera
Fill Art Photo Editor
Horizon Beauty Camera
Magic Art Filter Photo Editor
Photo Art Effect
Photo Editor
Pixture
Prizma Photo Effect
Pro Camera Beauty
Selfie Camera Pro
Super Camera
Wallpapers HD

It’s not noted whether Google removed the apps as a result of Trend Micro’s research, or independently discovered the malicious nature of the apps themselves.

Security in this realm can be a bit of a game of cat-and-mouse. While Google Play Protect didn’t pick these apps up, you can bet the team behind that service is taking a good hard look at these apps to ensure they can detect the tricks employed by these developers in future.

For more details about how the apps worked and how Trend Micro discovered them, head over to Trend Micro’s Security Intelligence Blog.

Source: Trend Micro.

Jason Murray   Assistant Editor

Jason Murray

Before discovering the Nexus One, Jason thought he didn't need a smartphone. Now he can't bear to be without his Android phone. Jason hails from Sydney, Melbourne or Brisbane depending on his mood and how detailed a history you'd like. A web developer by day with an interest in consumer gadgets and electronics, he also enjoys reading comics and has a worryingly large collection of Transformers figures. He'd like to think he's a gamer, but his Wii has been in a box since he moved to Sydney, and his PlayStation Vita collection is quite lacking. Most mornings you'll find him tilting at various windmills on Twitter - follow @JM77 and say hi!

3
Join the Ausdroid Conversation

avatar
2 Comment threads
1 Thread replies
2 Followers
 
Most reacted comment
Hottest comment thread
2 Comment authors
BradDarren Recent comment authors
  Subscribe  
newest oldest most voted
Notify of
Brad
Guest
Brad

Very surprised about the Prizma app if it is the same one as I used as it was praised by many around the world shortly after it’s release.

Brad
Guest
Brad

Ah just checked Google Play and the app I was using was Prisma and not Prizma. Typo in my memory. 🙂

Darren
Ausdroid Reader
Darren

Reviews will nearly always tip you off.

Check Also

ChromeOS update brings a better experience to users

We’re very lucky at Ausdroid to have opportunity to play with the latest and greatest …