Several Flashlight Apps in Play Store Found to Harbour Malware

Author Photo
Jan 5, 2018

In an era where most modern smartphones ship with Android Nougat or at least Android Marshmallow, it’s a mystery why third-party flashlight apps are still a thing. Earlier versions of Android didn’t have a method of switching the flashlight on which prompted users to rely on external solutions. That, coupled with the fact that many smartphone users are not tech-savvy and you end up with a lot of malicious apps that make their way to the Play Store, waiting to prey on unsuspecting users who don’t know any better.

A study conducted recently confirms the existence of several flashlight apps in the Google Play store that install malware on the target device. An estimated 1.5 million users were affected, according to the download count of the applications.

chrome-extension-hackRelatedChrome 65 Rolling Out – Security Fixes, Material Design Updates, Tab-Under Blocking, and New APIs

22 apps identified by security researchers

22 different apps, upon further scrutiny by the security firm Check Point, revealed the presence of the malware known as LightsOut. In a bid to entice users to download the malware-ridden app, developers use fancy names. Some of the applications are Voice Recorder Pro, WiFi Password Pro, Super Flashlight Lite, Brightest LED Flashlight-Pro, Realtime Cleaner, Call Recorder Pro, Smart Flashlight, Cool Flashlight, Flashlight Pro, and Network Guard.

Once downloaded, the applications open up a fake settings screen where users are given the option to opt out of advertisements. The option, however, is redundant, as the app then proceeds to disappear from the home screen, making it difficult to remove without some technical knowledge.

Intrusive ads during day-to-day operations

Once the malware is safely embedded in the device, it begins to manifest itself in the form of invasive ads. A user is bombarded with ads while performing pretty much anything, ranging from making phone calls to replying to texts and even plugging in the phone charger.

Despite Google’s Play Protect mechanism in place to protect users from malware, some applications always slip through the net by employing a clever technique that involves a two-step process. The actual app in itself is devoid of any malware, which is then injected into the device after the app is installed. Google has now removed the affected apps from the Play Store.

lebanonRelatedResearchers Discover Spyware Campaigns Operating From A Government Building In Lebanon

Source: ZDnet