Researchers warn new malware campaign is pulling out all the stops to avoid Play Store detection

Malware poses anevolving and omnipresent threat, and despite their best efforts, app stores like Google’s arevulnerableto unknowingly being used for distribution. The Play Storeregularly removes appsand bans developers flouting rules intended to stopadware, spyware,malware, and other annoying apps you’re better off without. In response, developers of these applications try every trick in the book to dodge Google’s checks. Today we’re learning about some apps that have been automatically changing their name and icon after installation, so they can stay undetected on your phone while bombarding you with ads.

The crew atBitdefenderrecently identified 35 apps abusing this method to make it harder for you to find the culprit responsible for ad spam and malicious ads. The apps have accrued over two million downloads combined.

4

Once installed, these apps rename themselves to match a system app like Settings to help stay hidden. Their icon also changes automatically to match, and tapping redirects unsuspecting users to the real Settings app on their phone. Some of these request you to disable battery optimization and grant permission to display over other apps — which we’d hope would be red flags. Apps can abuse these permissions to start foreground services notifications and simulate users clicks on ads for financial gain.

Bitdefender says it used a new real-time behavioral technology to identify the adware. Based on patterns in the app naming style, developer emails, and listed websites, it believes all the apps could be the handiwork of a single individual or group. As for what you can do to stay safe, the security experts suggest the standard advice likedeleting unused apps, not installing ones you don’t really need in the first place, and being on the lookout for unusual permission requests.

A drawing of a phone with a lock on it surrounded by malware bugs.

The note-taking app I should have used all along

Broader branding hints at wider paid-tier ambitions

Browsers

Expanded dark theme is here

Boost Mobile sees changes, too

Samsung Notes logo in front of image containing S Pen and devices using Samsung Notes

It’s time to sniff out the culprit

M3 Expressive now refreshes the chat screen

Google Home icon with some gadgets around it.