These fake apps were free, but they ended up costing at least 5.9 million people using Android.
Researchers from Check Point, a security company, said it discovered 50 apps hiding malware on the Google Play Store. These viruses were disguised as free wallpaper, camera and video editing apps, but contained a costly side effect.
It would secretly register victims to text-based services, and subscribe for text messages, which infected people would end up paying for. The original malware, which McAfee discovered a previous version of in January, had been downloaded between 5.9 million and 21.1 million times before Google removed the infected apps from its market.
Check Point named the new strain “ExpensiveWall,” after finding that the majority of the infected apps were fake wallpapers. The security company said it notified Google on August 7 about the phony apps, and it quickly removed them. But within days, even more fake apps popped up, and they were downloaded more than 5,000 times before Google removed the new crop.
This malware is able to slip by Google’s Play Protect, which is supposed to scan your Android device constantly to make sure there’s no issues from bad apps. That’s because the malware is “packed,” an advanced hiding technique that malware writers use to let it duck under Google’s radar, Check Point said.
Google did not respond to a request for comment.
Even though Google removed the apps from its store, if you’ve downloaded it, your device is still infected, Check Point’s researchers warned.