Security group ESET reveals malware on Google’s app store

Android owners should try to have a bit of security software running on their phones and tablets, but news today from a security group makes that even more important.

This week, ESET has chimed in with bad news for anyone who has downloaded specific apps that contain the names of popular games on the Android operating system, as it has been revealed that some of these have malware built inside.

Not all games are affected, thankfully, and technically it’s a very, very small amount of apps that have this security problem, but if you’ve downloaded anything on an Android device with the phrase “Deer Hunter 2015”, “Batman 2”, “Hitman Sniper 2”, “The Walking Dead 2”, “Minecraft 3” (there’s not even a Minecraft 2, how is there a third version?!), or a sequel to another game or app that doesn’t have a sequel in real life, it is very possible you have downloaded a form of virus.

It’s not only fake games that are a problem, with ESET reporting that this whole thing came as a result of someone faking “Dubsmash”, an app made for iOS and Android that works as a sort of video-based instant messaging.

Lots of fake "Dubsmash" apps. Don't be fooled.
Lots of fake “Dubsmash” apps. Don’t be fooled.

There is a real “Dubsmash” app, which we do need to point out, but there are also a bunch of fake ones, and it’s the fake ones which need to be uninstalled pronto. Like the fake video games with their names with sequels, if you have a “Dubsmash” installed with a “2” or a “3” in the name, you’ve been tricked and have a piece of malware lurking on your device.

So what does this thing do?

According to ESET, the app hides its launch icon after that first launch and runs in the background, accessing pornography pages to make money for the person who setup the virus.

Unfortunately, this malware has been installed over 50,000 times, and while ESET has pinged Google to get them down, there were previously over 50 apps online that featured this malware inside, meaning if you have downloaded “Traffic Racer 2”, “Maps & Guide: GTA 5”, and “Followers for Instagram” — three more apps with this malware lurking inside — you may not only be making money for a malware creator, you’re also running a form of malicious code that could be leaving your phone and information on it exposed.

If you try to install these apps now, you'll get the error message on the left. If you install one, the app will resemble a system icon, and once you press it, it'll disappear and run in the background. Not what you want.
If you try to install these apps now, you’ll get the error message on the left. If you install one, the app will resemble a system icon, and once you press it, it’ll disappear and run in the background. Not what you want.

“Following ESET’s notification, Google has pulled all the reported malware-ridden apps from its store and now also reports some of them as potentially harmful applications using its built-in security service,” says Lukáš Štefanko, a Malware Researcher at ESET.

“A telling characteristic they all share is mainly the fact that they have been uploaded by the same developer, using the same Android/Clicker [malware], with a capability to avoid Google malware filtering each time,” concludes Štefanko.

That last point Štefanko makes has to do with Google Play’s app store scanning, because these apps have found a way to circumvent the malware check Google’s online app system looks for, which isn’t good.

On the plus side, Google is on top of it and is apparently working to fix the issue, engaging some of the security services built into Android to warn people of the dangers of apps featuring this security flaw.

But if you don’t trust yourself and are unsure where this will go in the future, a better solution might be to install one of the many mobile security apps available on the Android platform.

One of the many fake "Dubsmash" apps with malware lurking inside. The bad reviews kind of give it away, but ESET confirms it.
One of the many fake “Dubsmash” apps with malware lurking inside. The bad reviews kind of give it away, but ESET confirms it.

One ESET Malware Expert, Sieng Chye Oh, told us that the ESET Mobile security app does detect this specific type of malware, and we suspect the other security companies will chime in shortly with their own versions doing the same, of which there are certainly quite a few.

As to how you deal with this in the future, it needs to be noted that security problems aren’t going anywhere, and provided there’s money to be made, this will always be a thing.

App store owners Google, Apple, and Microsoft are getting better at picking up on the various apps being pushed through their systems, but no operating system is iron clad, and while Android certainly picks up on quite a few issues of its own, the other operating systems have also seen hacks, too.

For now, the best way to stay on top of security dilemmas comes from being aware of what you install, with that education — indeed, that form of self-education — being key. Install what you need, and if you’re not sure you need it, check out who made the app and what the reviews are before you take the trouble to install it.

Apps you’ve heard of at least have a decent chance of being real, but fake apps aren’t hard to make.

And if you’re at all concerned, make sure to install a security program on your device, because at least that provides a sense of security if the very worst does happen.

This isn’t the first time we’ll see an app store feature malware people, and it certainly won’t be the last.