The Haken malware obtains sensitive data from victims and secretly signs them up for expensive premium subscription services.
The eight apps that were found have since been removed. Users have collectively been downloaded 50,000 times. These apps were utilities and children’s games, including “Kids Coloring,” “Compass,” “qrcode,” “Fruits coloring book,” “soccer coloring book,” “fruit jump tower,” “ball number shooter” and “Inongdan.” The apps legitimately function as advertised, but in the background covertly perform an array of malicious functions.
“Haken has shown clicking capabilities while staying under the radar of Google Play,” said researchers from Check Point Research. “Even with a relatively low download count of 50,000+, this campaign has shown the ability that malicious actors have to generate revenue from fraudulent advertising campaigns.”
Google Play store has been battered with new variants of malware try and stay clear of random free apps that are unknown.