• Source:JND
Add as a preferred

WHAT if we say your photo editing, wallpaper apps and more might be affected by malware that can access your notifications and enrol you in paid subscriptions without your permission? Well, this is true for several apps with over 6.2 lakh installs on the Google Play Store.

Despite Google regularly restricting apps on its Google Play Store, subscription Trojans like Fleckpe continue to mark their presence on the app market, infecting Android devices. Kaspersky, who discovered Fleckpe, said it was active since last year and infected 11 apps.

Also Read: Google Red Flagged 14.3 Lakh Apps, Banned 1.73 Lakh Accounts; Here's Why

In a recent report, the cybersecurity firm shared an update about how these Trojans can go unnoticed during the download process. The company adds these programs gain limelight once a user discovers they were charged for a service they never purchased.

How Fleckpe Works?

As the application starts, it runs a "heavily obfuscated native library" consisting of malicious code. The payload reaches out to the C&C server transmitting information about the country and network code. In return, the server sends a paid subscription page. The Trojan interacts with it in an "invisible" browser. It attempts to subscribe to the service.

In instances where a subscription needs a verification code, Fleckpe reads that from notifications (in case a user has enabled it).

List of Infectious Apps

The screengrab of apps shared in the report includes Beauty Slimming Photo Editor, Photo Effect Editor, GIF Camera Editor Pro.

The Hacker News shared a list of the applications executing the malicious operations.

1) Impressionism Pro Camera

2) Beauty Slimming Photo Editor

3) Photo Camera Editor

4) Microclip Video Editor

5) GIF Camera Editor

6) Beauty Photo Camera

7) HD 4K Wallpaper

8) Fingertip Graffiti

9) Beauty Camera Plus

10) Night Mode Camera Pro

11) Photo Effect Editor

Status of affected apps

Kaspersky adds that the affected applications have been knocked out of the app market. However, the firm speculates more apps could go live soon.

Also Read: Google Play Store Will Now Display Prompts To Update Apps That Crash Often

Affected users

The report claims users in Thailand, Singapore, Indonesia, Poland and Malaysia became targets of Fleckpe.

How to be safe?

To ensure safety, make sure you install applications from trusted developers on Google Play Store. Do not allow unnecessary permissions to apps. Lastly, consider installing a good antivirus app to stay protected from emerging threats.