Over a dozen malicious apps recently appeared on the Google Play Store and have been installed over half a million times. Once downloaded, the malicious apps, posing as driving games were designed to crash each time they were opened.
The apps were discovered by ESET security researcher Lukas Stefanko, who took to Twitter to report them publicly. According to Stefanko, there were 13 malicious apps on Google Play and two of the apps were trending on the app store.
Once downloaded onto a victim’s device, these malicious apps downloaded a malware behind the scenes, which, in turn, deleted the apps’ icon, making it challenging for the victim to remove the app. Although it is unclear as to the malware’s primary function and motive, it was reportedly apparent that the malware was designed to be persistent.
Google spokesperson Scott Westover told TechCrunch that the apps “violated our policies and have been removed from the Play Store.”
The presence of the malicious apps on Play Store is further evidence of Google’s security lapse pertaining to app security. There have been multiple instances of cybercriminals uploading malware-laced apps directly onto Google Play before, distributing a variety of malware to Android users.
Despite Google’s efforts to crack down on Android developers and tighten Google Play’s security, it appears that malicious apps continue to slip past the tech giant’s security measures and pose a threat to Android users.