Various Google Play "Beauty Camera" Apps Sends Users Pornographic Content, Redirects Them to Phishing Websites and Collects Their Pictures | Cell Phone Spy and Mobile Tracking Software
We discovered several beauty camera apps (detected as AndroidOS_BadCamera.HRX) on Google Play that are capable of accessing remote ad configuration servers that can be used for malicious purposes. Some of these have already been downloaded millions of times, which is unsurprising given the popularity of these kinds of apps. A large number of the download counts originated from Asia — particularly in India. Figure 1. Screenshots of the malicious beauty camera apps on Google Play Technical Analysis A user downloading one of these apps will not immediately suspect that there is anything amiss, until they decide to delete the app. Take, for example, the package com.beauty.camera.project.cloud, which will create a shortcut after being launched. However, it will hide its icon from the application list, making it more difficult for users to uninstall the app since they will be unable to drag and delete it. Furthermore, the camera apps use packers to prevent them from being analyzed.