These Android malware apps have over 1 million downloads — delete them all now

Android malware
(Image credit: Shuterstock)

Security researchers have discovered a group of four new malicious Android apps from the same developer that managed to slip past Google’s defenses and end up on the Play Store by using a bit of trickery.

As reported by BleepingComputer and discovered by Malwarebytes, the malicious apps in question display intrusive ads and annoying pop-ups but they can also infect your Android smartphone with malware.

Even though these four malicious apps have less than favorable reviews on the Play Store, they’ve still been downloaded more than 1 million times combined. This shows that many users click Install before scrolling down to the bottom of a Play Store listing to read reviews. If you want to stay safe from bad apps like these, you should always read their reviews first before jeopardizing the security of your smartphone and your data.

Delete these apps right now

At the time of writing, all of the apps listed below are still available to download on the Play Store despite their developer Mobile apps Group getting in trouble for distributing adware on Google’s official app store twice in the past. 

Malwarebytes’ Nathan Collier provided further insight on the matter in a blog post, saying: “It is disappointing that Mobile apps Group has persisted on the Google Play store after having malicious apps in the past — twice!  It's unclear if previous malicious versions from before January 19, 2022—versions 2.2 and before—were ever caught by Google Play.  Since version 2.3 was clean, it seems likely that the developers were caught and uploaded a clean version.”

If you have any of these apps installed on either your Android smartphone or tablet, you should delete them immediately to avoid seeing intrusive ads or even worse, having your devices infected with malware.

  • Bluetooth Auto Connect - 1,000,000+ installs
  • Bluetooth App Sender - 50,000+ installs
  • Driver: Bluetooth, Wi-Fi, USB - 10,000+ installs
  • Mobile transfer: smart switch - 1,000+ installs

Lying dormant to avoid detection

Slipping past Google’s defenses and ending up on the Play Store can be difficult for malicious apps which is why these four apps from Mobile apps Group wait 72 hours before showing ads or opening phishing links in a user’s browser according to Malwarebytes.

From here, the apps open additional phishing pages or display intrusive ads every two hours, even when a device is locked. Once a user unlocks their Android phone or tablet, they will find phishing sites and ads open in their browser.

By hiding their malicious behavior for three days, these apps were able to bypass security screenings that took place before they were listed on the Play Store. Still, the negative reviews that mention spam and intrusive ads should have caught Google’s attention. It’s also worth noting that Mobile apps Group did respond to many of these negative reviews but the developer tried to convince dissatisfied users to upgrade to the paid versions of its apps instead.

Tom’s Guide has reached out to Mobile apps Group regarding these apps and their malicious behavior, but we’ve yet to hear back at the time of publishing. However, we’ll update this piece when and if we do hear back.

How to stay safe from malicious apps and adware

smartphone malware

(Image credit: Shutterstock)

To avoid falling victim to mobile malware and adware, you should carefully consider the pros and cons of any new app you want to install first. Do you really need this app in the first place? From here, you should take a look at reviews but it’s also a good idea to look for external reviews (preferably video reviews) since reviews on the Play Store can be faked.

Once you install a new app, you should monitor the battery usage and network data activity of your Android smartphone to make sure this new app isn’t doing anything deceptive in the background. You'll also want to be careful about which permissions you grant to any new app you install as permissions can be abused to show unwanted ads or infect your smartphone with malware.

While you should ensure that Google Play Protect is enabled on your devices to scan for malware in the background, you may want to install one of the best Android antivirus apps for additional protection as well. The best identity theft protection services can also be helpful when recovering from a malware infection

Malicious apps and adware are an easy way for cybercriminals, hackers and spammers to make money and steal your data, so this problem isn’t going away anytime soon. This means that you need to remain vigilant and be extra cautious when installing new apps on your devices.

Anthony Spadafora
Senior Editor Security and Networking

Anthony Spadafora is the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to password managers and the best way to cover your whole home or business with Wi-Fi. Before joining the team, he wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.