Android: malicious apps have been on Google Play for two years

In the last two years, some malicious apps have been found in the Google Play Store, compromising the security of Android users.

One example is the Mandrake malware, which was discovered in five applications with a total of 32,000 downloads before being removed in March 2024. These apps managed to remain in the Google Play Store thanks to advanced hiding and parsing avoidance techniques.

In addition, more than 90 malicious applications were discovered, with more than 5.5 million installations, containing various forms of malware, such as Anatsa and various forms of adware. These applications appeared as productivity tools, photo applications and other popular categories.

Read also: One UI 7: The devices that will be upgraded to Android 15

The applications that were infected with the Mandrake malware are:

1. AirFS - File sharing via Wi-Fi by it9042

• 305 downloads between 28 April 2022 and 15 March 2024.

2. Astro Explorer by shevabad

• 718 downloads from 30 May 2022 to 6 June 2023.

3. Amber by kodaslda

• 19 downloads between 27 February 2022 and 19 August 2023.

4. CryptoPulsing by shevabad

• 790 downloads from 2 November 2022 to 6 June 2023.

5. Brain Matrix by kodaslda

• 259 downloads between 27 April 2022 and 6 June 2023.

Google has removed these apps and is constantly strengthening its security measures, such as Google Play Protect, to protect users from known versions of this malware. However, the presence of these apps for such a long period of time underscores the need for stricter controls before publishing apps to the Google Play Store.

Read also: Samsung: will acquire an artificial intelligence startup to improve Galaxy AI personalisation