Researchers discovered several photo editing and beauty apps in Google Play Store stealing users photos.

At least 29 apps were discovered containing code capable of performing several malicious activities on the user’s phone.

Several apps also use packers to prevent them from being analyzed.

The apps have been now removed from the Google Play store

Security researchers have discovered several photo editing apps in Google Play Store stealing users photos.



Researchers from Trend Micro labs have discovered at least 29 photo editing and beauty apps in the Google Play Store containing code capable of performing malicious activities in users phone.



The malicious apps have been already downloaded by 4 million users before Google removed it from play store.



“We discovered several beauty camera apps (detected as AndroidOS_BadCamera.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes.” said in the blog post published by Trend Micro researchers.



The apps once installed immediately will not show any suspicious behaviour until users try to delete the app. After installing, it will create a shortcut and hides its icon from the application list.



The apps also use packers to prevent them from being analyzed.



Some apps push full-screen ads on users device for fraudulent or pornographic content whenever users unlock their devices.



Some apps redirect users to a phishing website and attempt to steal their personal information. Users are tricked by saying they have won some contest and asks their personal information such as addresses and phone numbers.



Researchers also discovered another set of photo filter or beautifying apps containing malicious codes which upload users photos to a remote server controlled by the attacker.



In these apps instead of showing of the final result of the edited photo, users are shown a fake update prompt in nine different languages which then is redirected to a phishing website.



Users are advised to always check the legitimacy of the apps before downloading it. Always check the reviews of the apps before downloading it and avoid installation if any suspicious behaviour were reported



Here below is the full list of malicious apps and no of users downloaded it:

APP NAME NO OF INSTALLS Pro Camera Beauty

1,000,000+

Cartoon Art Photo 1,000,000+ Emoji Camera 1,000,000+ Artistic effect Filter 500,000+ Art Editor 100,000+ Beauty Camera 100,000+ Selfie Camera Pro 100,000+ Horizon Beauty Camera 100,000+ Super Camera 100,000+ Art Effects for Photo 100,000+ Awesome Cartoon Art 100,000+ Art Filter Photo 50,000+ Art Filter Photo Effcts 10,000+ Cartoon Effect 10,000+ Art Effect 10,000+ Photo Editor 5,000+ Wallpapers HD 5,000+ Magic Art Filter Photo Editor 5,000+ Fill Art Photo Editor 1,000+ ArtFlipPhotoEditing 1,000+ Art Filter 1,000+ Cartoon Art Photo 1,000+ Prizma Photo Effect 1,000+ Cartoon Art Photo Filter 100+ Art Filter Photo Editor 100+ Pixture 100+ Art Effect 50+ Photo Art Effect 10+ Cartoon Photo Filter 5+

For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin and Twitter.