Android owners should try to have a bit of security software running on their phones and tablets, but news today from a security group makes that even more important.
This week, ESET has chimed in with bad news for anyone who has downloaded specific apps that contain the names of popular games on the Android operating system, as it has been revealed that some of these have malware built inside.
Not all games are affected, thankfully, and technically it’s a very, very small amount of apps that have this security problem, but if you’ve downloaded anything on an Android device with the phrase “Deer Hunter 2015”, “Batman 2”, “Hitman Sniper 2”, “The Walking Dead 2”, “Minecraft 3” (there’s not even a Minecraft 2, how is there a third version?!), or a sequel to another game or app that doesn’t have a sequel in real life, it is very possible you have downloaded a form of virus.
It’s not only fake games that are a problem, with ESET reporting that this whole thing came as a result of someone faking “Dubsmash”, an app made for iOS and Android that works as a sort of video-based instant messaging.
There is a real “Dubsmash” app, which we do need to point out, but there are also a bunch of fake ones, and it’s the fake ones which need to be uninstalled pronto. Like the fake video games with their names with sequels, if you have a “Dubsmash” installed with a “2” or a “3” in the name, you’ve been tricked and have a piece of malware lurking on your device.
So what does this thing do?
According to ESET, the app hides its launch icon after that first launch and runs in the background, accessing pornography pages to make money for the person who setup the virus.
Unfortunately, this malware has been installed over 50,000 times, and while ESET has pinged Google to get them down, there were previously over 50 apps online that featured this malware inside, meaning if you have downloaded “Traffic Racer 2”, “Maps & Guide: GTA 5”, and “Followers for Instagram” — three more apps with this malware lurking inside — you may not only be making money for a malware creator, you’re also running a form of malicious code that could be leaving your phone and information on it exposed.
“Following ESET’s notification, Google has pulled all the reported malware-ridden apps from its store and now also reports some of them as potentially harmful applications using its built-in security service,” says Lukáš Štefanko, a Malware Researcher at ESET.
“A telling characteristic they all share is mainly the fact that they have been uploaded by the same developer, using the same Android/Clicker [malware], with a capability to avoid Google malware filtering each time,” concludes Štefanko.
That last point Štefanko makes has to do with Google Play’s app store scanning, because these apps have found a way to circumvent the malware check Google’s online app system looks for, which isn’t good.
On the plus side, Google is on top of it and is apparently working to fix the issue, engaging some of the security services built into Android to warn people of the dangers of apps featuring this security flaw.
But if you don’t trust yourself and are unsure where this will go in the future, a better solution might be to install one of the many mobile security apps available on the Android platform.