Cybersecurity experts recently released a warning about a malicious version of a popular app for the creation of PDF images, which was distributed through Google Play Store, the official store for Android-based applications.
The app contained mechanisms for downloading malware to the users’ devices. As a result, victims could find themselves subscribed to paid services, which they did not request.
According to the platform’s statistics, the app had been installed more than 100 million times. Google Play Store has immediately withdrawn the app following Kaspersky’s notification of the malicious content.
While researching the compromised app, Kaspersky researchers discovered a malicious “dropper” — a shell that brings a malware — that was there to introduce a malicious downloader on the user’s device.
This downloader, was then used to download malicious files onto the user’s smartphone. The functionality of these malicious files varied depending on the intentions of the malware developers, but the samples analyzed by Kaspersky researchers displayed intrusive ads and signed the user up for paid subscriptions.
Shortly after removal from Google Play Store, the developer of the app published a statement stating that the incident happened due to third-party advertisement provider.
To stay safe, Kaspersky recommends:
– Remembering that even the apps from official stores with a loyal user base could be modified and include malicious elements
– Installing system and application updates as soon as they are available — they patch vulnerabilities and keep devices protected
– Using use a reliable security solution for Android and scanning your smartphone from time to time, to make sure it stays protected.