Malicious apps hide themselves after installation and aggressively display full-screen advertisements.
In recent times we’ve seen multiple malicious apps found in the Google Play Store by various cyber security firms, including Symantec, yet this problem doesn’t seem to be dissipating. We have uncovered another wave of malicious apps in the Play Store which have been downloaded more than 2.1 million times. We reported these apps to Google on September 2, 2019, and they were removed from the store.
A total of 25 Android Package Kits (APKs), mostly masquerading as a photo utility app and a fashion app, were published under 22 different developer accounts, with the initial sample uploaded in April 2019. These 25 malicious hidden apps share a similar code structure and app content, leading us to believe that the developers may be part of the same organizational group or, at the very least, are using the same source code base.