Our phones, tablets and any computer device are vulnerable to attacks if we are not careful. One easy way that cyber attackers get into our devices is through the apps we install. A recent research by CyberNews research team uncovered a strange network of cyber attackers. This secret group has at least 27 app developers with 101 apps. Together, these suspicious apps currently have over 68 million installs. This strange network seems to be copying each others apps and most of their apps are identical to popular. According to CyberNews, there is much about this network that is weird.
Why these apps shouldn’t be on your phone
- They require a huge amount of permissions
- The associated website for all the apps has a similar incomplete Firebase “website,”. They all have the same URL structure
- Within this strange (dangerous) network, the APKs are obvious duplicates
- Some APKs were clearly stolen from other, more popular app developers
- You easily spot the duplicates when you compare the stolen apps side-by-side
- Each developer has a two-part name – seemingly a first name and last name (mostly western names). Furthermore, some of the names of the developers are obviously fake. For example, the developers Lukas Podolskies and Kylian Mbapee are definitely not real. This is because Kylian Mbappé (French) and Lukas Podolski (German) are popular figures (footballers). Why will a developer use the name of a popular figure to develop an app? We can only think that its because they are trying to profit in a very aggressive way.
Permissions that these suspicious apps require
There is still more proof that these apps are malicious and dangerous. By simply looking at the required permission, you can know that they pose a privacy and security risks. Here are some examples Let’s take some examples:
- Call recorder app: Wants permission for access to the camera (for images and videos)
- Calculator app: Needs permission for access to the camera
- Dual account app: Requires permission to access your GPS, camera, microphone, body sensors, and calendar. It also want to view and edit your contacts, view and edit your files, check your phone status, and much more
- Photo editor app: wants to record audio
- Memory booster app: needs your exact location
- Phone cooler app: needs to view and edit your files, read your phone status and get your location
If you carefully look at the permissions above, you will see that they are absolutely not necessary. The permissions are far from the core function of the app. The big question is “WHY DO THESE APPs REQUEST FOR THEM”?
What harm could these suspicious apps do?
These apps are most likely stealing your data (personal images/videos, location, documents) and selling to the highest bidder. Since their connection is hidden and they are operating from an unknown source, nobody knows who they are. Once you grant these permission(s), apps can launch ransomware and operate your device (make phone calls, send messages, etc). Besides these, the apps are most-likely bad and provide poor services. This is true for most cloned apps especially when it’s flooded with ads.
Now, to some important information that you may want to know, here is the list of 27 developers on the strange network
|Developer name||Installs||No. of apps|
|ProCam – HD Camera||1,710,000||6|
|Fruit VPN – Better Connect||5,000,000||1|
Most importantly, for the names of the apps that you need to delete, see the list below