Detects many malicious Android applications that hide icons themselves to make it harder to uninstall

Threat researchers at Australia-based SophosLabs have found 15 Android apps, apparently doing nothing but displaying ads on the device. These programs have product names and descriptions from QR readers on Android to photo editing.

More mischievously, they also hide their icons to make it harder for users to uninstall from their phones. Some of them even disguise themselves with other names and symbols in the settings to keep them from being detected.

Sophos gives an example of the Flash On Calls & Messages application (free.calls.messages). When launched, it will display a message saying 'This app is incompatible with your device!' (This application is not compatible with your device). It then opens the Google Play Store to the Google Maps page to trick users into thinking that the Maps app is having a problem.

After that, it hides the icon and the user cannot find it in the launcher anymore. Other apps on the list also do this, maybe not right at first launch. Some will wait a bit longer after the installation is installed before hiding the icon.

Worse still, some of these malicious apps try to avoid being removed by using different names and icons in Android settings. Up to 9 in the 15 apps that were detected use this tactic to stay undetected.

The disguised application will mimic harmless programs or even essential system functions by using names like: Update / Update, Back Up / Backup, Time Zone Service, even Google Play Store.

Researcher Andrew Brandt summarized for users how to find and remove these malicious Android apps:

If you suspect that the installed application has hidden an icon in the application tray, go to Settings (wheel icon) and go to Notifications. The most recently opened applications will appear at the top of this list. If there are any applications that use the generic Android icon (the top of the Android icon, green) and use the system function name, tap the icon and press Force stop , then is Uninstall . A real system application will have a Disable button instead of Uninstall and you don't press Disable.

These 15 malicious applications have been removed from Google Play Store. However, according to Google Play statistics, these applications have been downloaded and installed on 1.3 million devices worldwide. Sophos also noted that there may still be more applications like this still exist on Google Play.

Embedding ad code in applications is a long-term way for developers to offset their costs, helping to create free or cheap applications. However, because of carelessness or some bad purpose, they created adware and pretended it was a useful application.

Therefore, you should be very alert and careful when installing free, discount Android apps, even though they are downloading from the Google Play Store.