If you have an Android phone or tablet, here are four new apps to beware of. These have already been flagged as malware by Malwarebytes Labs, but Google hasn’t removed them from the Play Store yet. So it’s worth trying to beware of these if you don’t already have them on your devices, and trying to uninstall them as soon as possible if you’ve managed to download them already.
If you have these apps installed, you should definitely delete them from your phone or tablet
The four apps detected by Malwarebytes are Bluetooth Auto Connect, Bluetooth App Sender, Driver: Bluetooth, Wi-Fi, USB and Mobile transfer: smart switch (we will not send links to them, for obvious reasons). Together they have over 1 million downloads from the Google Play Store, but only one is extremely popular (Bluetooth Auto Connect).
It seems that the developers of these apps have managed to trick Google’s verification systems by delaying the appearance of malicious effects. Each of these apps waits up to 72 hours before they start infecting the device. In this case, it is adware, i.e. displaying ads on the device, but also attempting to collect personal data from users by displaying phishing links in the browser.
Apparently these “symptoms” occur every two hours of use, regardless of whether or not the phone is in active use.
Fortunately, other users who have downloaded these apps have debunked them with negative reviews, saying exactly how they behave after the 72 hours of “quiet”. For now, however, Google has done nothing about these apps, even days after they were reported as malware. So protection remains in the hands of customers for now, who should be wary of such malicious apps.
Presumably, after they are removed from the Play Store, the Play Protect system will scan users’ phones and warn them about possible malware infections. In some situations, this system may even uninstall malicious apps automatically.