Tech giant Google has deleted from its Play Store 29 malicious “beauty camera” applications that were sharing pornographic content and forwarding users to phishing websites to steal their information, US-based cybersecurity firm Trend Micro said.
Trend Micro said in a report that some of these apps had been downloaded more than a million times and that Asia, particularly India, accounted for a large number of the downloads.
The cybersecurity firm said it discovered that many apps were capable of accessing remote ad configuration servers that could be used for malicious purposes, including stealing information and scamming users.
According to Trend Micro, users who downloaded these apps would not immediately suspect anything amiss. Users have to deal with full-screen ads, including fraudulent content and pornography popping up via their browsers.
The company said that since none of the offending apps gave any indication that they were the ones behind the ads, users might find it difficult to determine where they’re coming from. Some of these apps redirect to phishing websites that ask the user for personal information, such as addresses and phone numbers, it said.
“During our analysis, we found a paid online pornography player that was downloaded when clicking the pop-up. Take note, however, that nothing will play, even after the user pays and executes the player," Trend Micro added.
According to Trend Micro, further investigation led to another batch of photo filter-related apps that share similar behavior on Google Play. These apps seemingly allow users to “beautify” their pictures by uploading them to a designated server. However, instead of getting a final result with the edited photo, the user gets a picture with a fake update prompt in nine languages.