They discover a new virus in highly downloaded applications from the Google Play Store

In May of last year, Google announced in its keynote something that many users had been demanding: that the Play Store application store have its own malicious app scanner. Yes, it is assumed that if a utility is found in the official Google repository, it will not contain any malicious code or pose a danger to the user. Big mistake: there is not a year in which we do not come across, for example, flashlight applications that request too many permissions for what is their natural function.

7 dangerous apps have been removed from the Play Store

This is how Play Protect was born, a security system that, in the long run, has been seen as less effective than Google's developers intended. SophosLab, a British company specializing in software and hardware security, has been the one that has discovered a new massive leak of applications that, inside, harbored malicious code. Apparently harmless applications (and have passed all Play Protect security checks).

In total, cybercriminals have managed to sneak into Google seven applications with viruses inside, 6 of them QR code readers and the rest disguised as a harmless compass application. According to information posted on the ZDNet site, these seven applications have managed to circumvent Google's protection system thanks to a complex virus coding system and the delay in the effectiveness of the virus once the application was installed.

Once a user downloaded and installed one of the seven malicious apps on their phone, it waited about six hours before it began launching the attack. When the time came, the application in question filled the user's phone with ads and spam, automatically opened unsolicited pages when we browsed the Internet, and, even launch personalized notifications so that the user would think it was a legitimate app and, in the end, end up clicking on it.

Play Protect, in question

All this activity generated by cybercriminals had a clear purpose: for the user to end up, even if it was unintentional, placing their finger on one of the ads that appeared without warning and, thus, being able to enter somenumerous benefitsThis attack is especially delicate, since the application itself was not necessary for the user to be deceived: they only had to launch ads and manipulate the browser so that we fell into their networks irremediably.

This malware, which has already been nicknamed with the code name Andr/HiddnAd-AJ, has affected, to date , to at least one million Android users. It is believed that the number may be higher, since one of the applications, whose name has not been revealed, has been downloaded more than half a million times. And we are talking about seven applications in total. At present, these seven apps have been removed entirely from the Play Store app store. We know, however, the names of 4 of them:

• QR Code / Barcode developed by Vipboy
• Smart Compass, developed by TDT App Team
• QR Code Free Scan, developed by VN Studio 2018
• QR & Barcode Scan, developed by smart.sapone

How to avoid viruses in Android applications when we can't even trust their official repository? A question that invades us when reading news like this. Clearly Play Protect doesn't work as it should, either because cybercriminals are always one step ahead or because developers haven't fully polished this security system. security. The only advice we can give you from your expert is that if you ever see an unexpected window on your phone or strange notification, dismiss the window from the multitasking screen and uninstall any applications you have recently installed.