Malware-loaded apps from single creator downloaded over 500,000 times on Google Play

A security researcher has uncovered 13 malware-ridden apps, all created by the same individual, that had racked up over 560,000 installs from the Google Play app store before being removed, with two of the apps even promoted within the stores Trending section.

Lukas Stefanko, a security specialists at ESET, identified the apps, which were all masquerading as various Car Simulator games. The apps used misleading thumbnails and false in-game screenshots to draw in users, but when launched, they simply show a Made with Unity logo before apparently crashing a few seconds later.

After crashing, the apps hide their own logos to make uninstalling them more difficult, and download an additional APK in the background which then displays adverts when the phone is unlocked. In addition, the malware contained within the apps could give itself access to a devices network traffic, potentially allowing the developer to steal personal data.

The apps were all developed by Luiz O Pinto, although whether this is a real name or an alias is unclear. Many had reviews that averaged out to three or more stars, although these were likely fake or paid-for, given the actual performance of the apps.

The scale of this particular malware scam, along with the fact that several of the apps were able to make it into Google Plays Trending section, is the latest reminder for consumers that they need to be vigilant when it comes to accessing apps, and another sign that Google needs to improve security measures if it wants consumers, publishers and advertisers to view the Google Play store as a safe environment.