Millions of Android devices infected with wallet-draining malware

Millions of Android devices infected with wallet-draining malware

That Android wallpaper app is actually signing you up for premium services. Researchers have discovered another batch of seemingly innocent Android apps that are actually designed to push malware onto the endpoints, and rake up expenses to the unsuspecting victims.

The Dr. Web antivirus team found the most recent batch, which includes wallpaper programs, keyboards, picture editors, video editors, and occasionally cache cleanser or system maintenance apps. The batch has received more than 10 million downloads overall.

Overall, 28 apps were found on the Google Play Store, having somehow managed to bypass Google’s strict security policies. 

Subscribe to Our Epblogs Telegram Channel instant breaking news, deals, opinion to stay up to date on the latest news and reviews.


Android apps hacked

Regarding the damages, the procedure is essentially unchanged. Once downloaded, the majority of programs will make an effort to disappear, appearing as system apps in the app drawer. They do this in the hopes that the people won’t uninstall them. Then, in order to generate more revenue, the applications would push advertisements and try to sign the victim up for a variety of premium services.

If users hadn’t granted the required rights to the apps, none of this would have been possible. Even though the apps have a straightforward design (and do what they claim to), they frequently request advanced permissions from users, such as the right to be exempt from battery saving features, in order to run in the background even after the user closes the app, which is a major warning sign in and of itself.

Three of the apps are still available on the Play Store, but the most have already been deleted. Even if all of the apps were deleted, they have still been downloaded millions of times, thus they will continue to pose a threat until they are completely deleted from the smartphones of all victims.

Since harmful programs are getting better at hiding in plain sight, merely downloading from reputable sites is no longer the only recommendation. Users should check the reviews as well because they offer a reliable indication of the apps’ reliability. Additionally, be sure to verify that there are many reviews, as threat actors have been known to spoof some of them. It’s better to avoid an app if there are few reviews for it.

Here is the full list of malicious apps discovered by the researchers:

  • Photo Editor: Beauty Filter (gb.artfilter.tenvarnist)
  • Photo Editor: Retouch & Cutout (de.nineergysh.quickarttwo)
  • Photo Editor: Art Filters (gb.painnt.moonlightingnine)
  • Photo Editor – Design Maker (gb.twentynine.redaktoridea)
  • Photo Editor & Background Eraser (de.photoground.twentysixshot)
  • Photo & Exif Editor (de.xnano.photoexifeditornine)
  • Photo Editor – Filters Effects (de.hitopgop.sixtyeightgx)
  • Photo Filters & Effects (de.sixtyonecollice.cameraroll)
  • Photo Editor : Blur Image (de.instgang.fiftyggfife)
  • Photo Editor : Cut, Paste (de.fiftyninecamera.rollredactor)
  • Emoji Keyboard: Stickers & GIF (gb.crazykey.sevenboard)
  • Neon Theme Keyboard (
  • Neon Theme – Android Keyboard (
  • Cashe Cleaner (
  • Fancy Charging (
  • FastCleaner: Cashe Cleaner (
  • Call Skins – Caller Themes (
  • Funny Caller (
  • CallMe Phone Themes (
  • InCall: Contact Background (
  • MyCall – Call Personalization (
  • Caller Theme (com.caller.theme.slow)
  • Caller Theme (com.callertheme.firstref)
  • Funny Wallpapers – Live Screen (
  • 4K Wallpapers Auto Changer (de.andromo.ssfiftylivesixcc)
  • NewScrean: 4D Wallpapers (
  • Stock Wallpapers & Backgrounds (de.stockeighty.onewallpapers)
  • Notes – reminders and lists (

Leave a Reply

Your email address will not be published. Required fields are marked *