Member Login
menu

Researchers Found 16 Battery-Draining Android Utility Apps With A Clicker Trojan

Android evil, Get it on Google Play”

Free apps are meant to be free. This is why many free apps show ads. But sometimes, what's in the background is questionable.

If there is anything worse that free Android apps with ads, is Android apps that bombard users with intrusive ads once every few taps. But according to a blog post by McAfee's threat research team, there is something much worse that that.

And that is apps that can create click frauds by "automatically crawling ads in the background."

These apps are considered "fleeceware," known for their sneaky ad-clicking behavior.

These apps generate fake clicks for money by accessing various websites without the approval, or even the knowledge of the owners of the phones they were installed on in the first place.

The cybersecurity firm found 16 apps that managed to collect a combined more than 20 million Google Play Store installations.

The apps include:

  1. High-Speed Camera (com.hantor.CozyCamera).
  2. Smart Task Manager (com.james.SmartTaskManager).
  3. Flashlight+ (kr.caramel.flash_plus).
  4. 달력메모장 (com.smh.memocalendar).
  5. K-Dictionary (com.joysoft.wordBook).
  6. BusanBus (com.kmshack.BusanBus).
  7. Flashlight+ (com.candlencom.candleprotest).
  8. Quick Note (com.movinapp.quicknote).
  9. Currency Converter (com.smartwho.SmartCurrencyConverter).
  10. Joycode (com.joysoft.barcode).
  11. EzDica (com.joysoft.ezdica).
  12. Instagram Profile Downloader (com.schedulezero.instapp).
  13. Ez Notes (com.meek.tingboard).
  14. 손전등 (com.candlencom.flashlite).
  15. 계산기 (com.doubleline.calcul).
  16. Flashlight+ (com.dev.imagevault).

The first sneaky thing the developers did, was giving generic names to the apps. This makes it easy for most people to mix up the titles with legitimate titles.

The second sneaky thing, is the way the apps work.

As sneaky as they can get, the fleeceware apps McAfee found are good in hiding their true intentions.

First, the apps behave like they should, nothing bad at first. But after a few hours, the malicious activities will start.

Read: 'Fleeceware', And How 'Good Apps' Take Advantage Of Google Play Policy Loopholes

9 of the 16 malicious apps the researchers at McAfee found
9 of the 16 malicious apps the researchers at McAfee found. (Credit: McAfee)

While the apps don't engage in privacy violation like password phishing or any attempts to break into bank accounts or cryptocurrency wallets by these clickers, the sneaky ad-clicking behavior that happens in the background can significantly impact victims' devices' battery life.

And since the apps run extensively in the background, they may consume resources that may also impact the devices' overall functionality and performance, as well as mobile data consumption.

Google Play Store has been plagued with endless barrage of malicious apps and developers who lurk with ill intentions.

But fortunately, Google is quick to respond whenever researchers reached it for cases like this.

After the team at McAfee contacted Google, the tech giant swiftly removed the apps in question.

While the apps have been removed from Google's official app store, because of Android's nature, the apps still live in third-party app stores.

Published: 
19/10/2022