Such malware-laden apps hide as wallpaper apps, messaging apps, and apps that “clean” the inner workings of your phone
The attackers seek to infect as many phones as possible while keeping their apps listed in the Google Play Store for as long as possible. These apps usually are listed under popular categories such as personalization (wallpaper and lock screen apps), beauty, editor, communication (messaging and chat apps), photography, and tools (like cleaner and fake antivirus apps).
How a malware-infected app might sign you up for high-priced subscription services you didn’t ask for
These apps not only ask for a large number of permissions, some of the permissions asked for also don’t make sense. For example, a wallpaper app containing malware might ask for permission to access your SMS apps. That is not a permission that such an app would normally need.
Many of these malware-laden apps share the same UI, icons, and buttons. In the developer profile, look for fake developer names and fake email addresses. In the listing, watch out for spelling mistakes and poor grammar.
Even though Google allows you to, do the smart thing and refrain from sideloading apps on your Android phone
The bottom line is that this malware results in victims having to pay significantly higher mobile invoices after getting charged for premium services they didn’t sign up for. And because these apps can escape detection, a huge number of them can be installed before the attack is discovered. This malware belongs in a category known as toll fraud, which accounted for 34.8% of installed “Potentially Harmful Application” (PHA) from the Google Play Store in the first quarter of 2022, second only to spyware.
Look for signs that you’ve installed an app with malware. These signs include rapid battery drain, connectivity issues, phone overheats constantly and is running much slower. Be on the look out for a large number of pop-up ads. And double check your mobile bill every month and look for chargers for services that you don’t remember subscribing to. If you detect any of these red flags, you need to contact your carrier immediately.
Keep in mind that once you’ve been ensnared in this trap, getting your money back from your carrier is unlikely. So the sooner that you can recognize that you’ve been had, the better it is for you.