Android fans have been hit by numerous warnings over the past few months but the latest alert could be the most shocking yet.
The Google operating system remains hugely popular with it installed on billions of devices across the globe but it continues to come under attack from malicious apps that can attempt to access personal data or install adware which can make hackers huge amounts of money without the user ever knowing.
Google has a rigorous security programme which often blocks these applications from appearing on its Play Store but a new report from the team at Symantec has found hackers may have found a way to bypass this.
The online security firm has discovered apps which appear to be safe until they are downloaded.
When first installed, the app’s icon is visible on the device, enabling the user to open and interact with the app normally. However, unbeknownst to the user, a request is made in the background via a third-party service to download a remote configuration file.
Symantec says it was able to intercept these files and spotted several different configurations including one that can toggle the app’s icon-hiding behaviour, as well as other advertisement-related settings.
This means the attackers can hide the app from your phone but then use it to begin displaying advertisements, which are shown even when the app is closed.
Full-screen advertisements are then displayed at random intervals with no app title registered in the advertisement window, so users have no way of knowing which app is responsible for the behaviour.
Symantec has also discovered that, unlike the previous hidden app malware, this batch does not have the icon-hiding function hardcoded in the APK.
Instead, the switch is controlled remotely via the downloaded configuration file, allowing the malware developer to evade Google Play’s rigorous security testing.
It’s thought that the offending software has been downloaded over two million times.
Google removed all of the apps from its store earlier this month but it highlights the issue of downloading applications from an unknown source.
It’s always a good idea to only download apps from developers with a good track record and it’s always worth checking the reviews as bad scores usually mean other Android users may have faced issues.
Here are some top tips from Symantec to help you say safe.
• Keep your software up to date.
• Do not download apps from unfamiliar sites.
• Only install apps from trusted sources.
• Pay close attention to the permissions requested by apps.
• Install a suitable mobile security app to protect your device and data.
•. Make frequent backups of important data.
This latest news comes as Android users have been urged to check their phones immediately.
Anyone with either the “Sun Pro Beauty Camera” or “Funny Sweet Beauty Camera” is putting their phone at risk of being infected by adware.
That’s according to a new security report from Wandera that emphasised the adware in question could brick devices, drain battery life or completely infect them to the point they need replacing.
The firm noted that combined, both apps have been downloaded over 1.5 million times from the Google Play Store and have received a cavalcade of negative reviews for intrusive adverts.