Google has removed 29 photo editing and beauty apps from its Google Play Store.
People’s desire to beautify themselves for social media photos has hastened the spread of apps that allow users to airbrush and otherwise modify their selfies and other photos. But it turns out a lot of these apps have been stealing photos or even spying on users. The designers who made the apps in question also programmed them to fill users’ phones with full-page ads and steal data by tricking users into believing they won a contest.
Trend Micro, a security intelligence blog, confirmed this news. Some of these “beauty apps” would even send pornographic content to users’ smartphones every time they opened the app.
The malicious apps had already been downloaded millions of times by the time they had been pulled from the Play Store. Most of the downloads originated from Asia, specifically India. The developers even managed to “hide” the apps once they were downloaded. These apps did not appear in the installed apps list, so users would often forget that they had even installed the app (and could likely have a hard time deleting them without special instructions).
According to Trend Micro, the apps used a variety of tactics to avoid detection and deletion. Many of the apps did not send notifications to users when running on their phones; some compressed the malicious code so it couldn’t be detected instantly; while others ran the code on remote servers.
The beauty apps also tricked users into giving up their personal information. Some asked users several questions and then forced them to enter their info before revealing the information users wanted from the program. Other apps sent photos to a remote server for editing and beautifying (and, of course, kept a copy).
Some apps never returned the photos at all, instead simply displaying a picture with a fake message informing users that they needed to update the app. Trend Micro believes that the stolen photos were used in other nefarious acts, such as providing photos for fake social media accounts.
In total, the 29 malicious apps were downloaded more than 4 million times. Three of the apps alone accounted for more than 3 million of the downloads. Trend Micro noted that:
“These apps seemingly allow users to ‘beautify’ their pictures by uploading them to the designated server. However, instead of getting a final result with the edited photo, the user gets a picture with a fake update prompt in nine different languages. The authors can collect the photos uploaded in the app, and possibly use them for malicious purposes—for example as fake profile pics in social media.”
It was easy for users to be fooled by these apps as they were often impossible to distinguish from credible ones. The only real warning for users was in the reviews of some apps.
Unfortunately, this isn’t the first time that Google has had to delete malicious apps from the Play Store. It will be important to keep track of the ways in which Google attempts to resolve these issues since they continue to pop up.