Trend Micro said that it found over 40 fake cryptocurrency apps with the potential to steal crypto along with the user’s information. Trend Micro mentions apps like Enjoy Photo Editor, Cryptomining Farm Your own Coin, Panorama Camera, Daily Fitness OL, Swarm Photo, Photo Gaming Puzzle, Business Meta Manager, and many more (via Phone Arena). The company didn’t offer a complete list of the 200+ apps that contain the Facestealer spyware. But a chart published by Trend Micro details the most vulnerable app categories. As you can see below, 125 of 200 malicious apps come under “Other,” while the VPN category takes the second spot at 42. Around 20 of these come disguised under camera apps, while 13 of them claim to be photo editing applications, the report says.
What should users do?
Fortunately, Google has removed all 200 apps from the Play Store. However, if you have any of the apps mentioned above, we recommend deleting them immediately. Although Trend Micro only provides the names of just seven apps, users should remove any app that looks suspicious. Stay away from relatively unknown apps (low ratings) that claim to provide photo editing, camera filters, or VPN services. If you’ve identified the malicious app on your own and have deleted the app, the job may only be half-finished. Users should also change passwords for their social media accounts as an additional precaution. It is also wise to enable two-factor authentication on such sites if you haven’t done so already. Security researchers worldwide have uncovered multiple malware and security loopholes over the past several months. Most of these apps are available via the Play Store, which can confuse most users. This is because of the assumption that if an app is on the Play Store, it is safe to download. While safety features like Google Play Protect are already in place, it’s clear that the company has to do more.