Google removed more than two dozen camera apps from the Play Store today due to a variety of security issues. Many of these apps involved “beautification,” artistic filters for images, and stickers, but all of them had one thing in common: anyone who downloaded them was left vulnerable to malicious ads, hidden icons, and other security problems.
The problems were discovered by Trend Micro, which published a detailed report today naming each malicious app, as well as the problems it found. In some cases, the apps would hide their icons so that users had trouble uninstalling; in other cases, they would obscure the fact they were causing full-screen ads to pop up on the user’s phone every time it was unlocked.
Those advertisements were described as malicious, in some cases directing the users to adult content or phishing websites. According to the report, the attempts to conceal the problem meant users may have been unaware of what app was causing these advertisements to appear.
Perhaps more concerning were instances where apps saved user images to remote servers, where they may have been used for other malicious purposes, such as creating fake social media profiles. Many users were lured in by these apps, which took steps to hide their true nature. The researchers explained that users, in at least some cases, may not have noticed anything unusual about the apps.
Three of the 29 identified apps were installed more than 1,000,000 times each, including Pro Camera Beauty, Emoji Camera, and Cartoon Art Photo. One app, Artistic effect Filter, was installed more than half a million times, and yet another seven were installed more than 100,000 times. The remaining apps ranged from as few as 5+ installations up to 50,000+.