These Android apps are nothing but adware, but have been installed over 2 million times already - so uninstall now

If you have any of these Android apps, remove them quickly

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cybersecurity researchers from Dr.Web discovered a handful of Android apps that were pushing ads and stealthily subscribing people to premium services.

The reserachers reported that these trojan apps, all found onGoogle’s officialPlay Storeapp repository, were cumulatively installed roughly two million times.

The apps were pretending to be games, messengers, and wallpaper apps, among others, and were mostly distributing three knownmalwarefamilies - FakeApp, Joker, and HiddenAds.

A million downloads

Upon installing one of these apps, they would immediately change their icon on the device, to something the user would reluctantly remove, such as the Chromebrowser. In some cases, the researchers added, the trojans would simply remove their icons altogether, to seem as if there is an empty space in the app drawer.

The apps would then launch in the background, and deliver ads to the victim via their browser. That way, they would generate significant profits for the developers. The ads included things like casino websites, fake investments, and similar - all of which are in violation of Google’s policies.

The biggest trojan that managed to move past Google’s defenses and into the Play Store is Super Skibydi Killer, a game app with a million downloads. Other notable mentions include Agent Shooter (500,000 downloads), Rubber Punch 3D (500,000 downloads), and Rainbow Stretch (50,000 downloads).

There are also apps that subscribe the victim to premium services without their knowledge, including Love Emoji Messenger (Korsinka Vimoipan) with 50,000 downloads, and Beauty Wallpaper HD (fm0989184) with 1,000 downloads.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

While Google removed all of the apps from the Play Store before this article was published, that only protects future potential victims. Those that have already downloaded the apps can only be safe if they remove them from their endpoints. If you suspect your device was compromised, besides the abovementioned apps, look for these:

Eternal Maze (Yana Pospyelova)

Jungle Jewels (Vaibhav Wable)

Stellar Secrets (Pepperstocks)

Fire Fruits (Sandr Sevill)

Cowboy’s Frontier (Precipice Game Studios)

Enchanted Elixir (Acomadyi)

ViaBleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

Quordle today – hints and answers for Saturday, November 9 (game #1020)