Another Batch of Dropper Apps Has Been Discovered on the Google Play Store
Last updated June 23, 2021
TrendMicro has discovered a set of beauty camera apps on the Google Play Store that has been downloaded by millions in India and other Asian countries. These apps promise to soften the rough edges on your portraits and help you make them stand out by sprucing up your facial features. However, users of the malicious set will be met with the serving of pornographic and fraudulent ads, while the apps will try to hide the fact that the annoying full-screen pop-ups originate from them.
According to the TrendMicro analysis, most of the 19 apps of the set are employing active analysis-prevention techniques such as encryption packers. Moreover, they do not create an entry in the Android app drawer but only a shortcut, so they are harder to uninstall by the user. If the pop-ups are clicked, the beauty camera apps launch the browser to serve the ads that lead to the phishing websites. This step has various themes, with one of the most common being a prize-winning page where the user always wins on the third and last try. This will prompt the user to input personal information in a form, required for the handing out of the purported prize. In TrendMicro’s case, the researcher supposedly won a luring iPhone X.
Another subset of these 19 beauty camera apps follows a different approach, of uploading the portrait selfies that users take in the app to their servers. The remote server that collects the pictures sits behind a dual layer of BASE64 encryption, while the user portraits could potentially be used in future ransom campaigns or fake social media profiles.
The full list of the 19 apps can be found in TrendMicro’s report page, but those that surpass a million downloads are “Pro Camera Beauty”, “Cartoon Art Photo”, “Emoji Camera”, and “Artistic effect Filter”. While Google has removed them all from the Play Store already, many people out there are bound to have them in their phones still, so if you do, remove them immediately from the device settings.
Are you a fan of the beautify effect? Let us know in the comments below, and help us warn more of those who like to “touch” their portraits by sharing this story through our socials, on Facebook and Twitter.