Google has deleted 29 malicious “beauty camera” apps that were sharing pornographic content and forwarding users, particularly in India, to phishing websites to steal their information.
Some of these Android apps have been downloaded millions of times and a large number of the download counts originated from Asia — particularly in India, said a report from US-based cyber security firm
The apps have now been removed by Google from the Play Store.
“A user downloading one of these apps will not immediately suspect that there is anything amiss until they decide to delete the app,” said Trend Micro.
The app will push several full-screen ads when users unlock their devices, including malicious ads (such as fraudulent content and pornography) that will pop up via the user’s browser.
“During our analysis, we found a paid online pornography player that was downloaded when clicking the pop-up,” the report added.
None of these apps gave any indication that they were the ones behind the ads, thus users might find it difficult to determine where they’re coming from.
Some of these apps redirected to phishing websites that asked the user for personal information, such as addresses and phone numbers.
“For example, the package com.beauty.camera.project.cloud will create a shortcut after being launched. However, it will hide its icon from the application list, making it more difficult for users to uninstall the app since they will be unable to drag and delete it,” Trend Micro noted.
Furthermore, the camera apps used packers to prevent them from being analyzed.