The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised Nigerians against installing apps from Mobile Apps Group, an offending publisher on the Google Play Store.
The Group’s products contain Trojans and malware that are harmful to users and their privacy.
In its latest advisory on the incident, (ngCERT) has been observing and monitoring the constant introduction of malicious mobile applications into Google Play Store.
It said the Mobile Apps Group has a history of distributing malware-infected apps through the Google Play store. The current batch of apps has already been downloaded over a million times.
The Harmful Apps:
NCC-CSIRT listed some of the malicious apps as Bluetooth Auto Connect, Bluetooth App Sender, Driver: Bluetooth, Wi-Fi, USB and Mobile transfer: smart switch.
“The apps will delay the display of ads for up to three days after installation to avoid detection. However, once this period has passed, the user is bombarded with advertisements and is directed to malicious phishing websites in the Chrome browser. While the device is idle, the malicious app can open Chrome tabs in the background. Some of the sites it opens may appear to be harmless, but they are pay-per-click pages that generate revenue for the developers when clicked on,” NCC-CSIRT advised.
How it Affects Users:
According to the advisory, the consequences of installing the apps include being bombarded with advertisements and theft of sensitive user data. Clicking on the ads will result in the stealth download or installation of additional malware, which jeopardizes users’ privacy and personal data.
“These unpleasant consequences are avoidable when users refrain from downloading apps developed by Mobile apps Group and ensure to read app reviews before installing any app. Other proffered solutions are for users that may have installed any of the identified malicious apps to immediately uninstall them and to install up-to-date anti-malware solutions to detect and remove malware,” the NCC-CSIRT stated.
NCC-CSIRT rated the malicious activities of the offending apps as high in probability and potential to do damage.