



Over a million Android users were tricked into downloading dangerous apps that were listed on the Google Play Store. Security experts at Malwarebytes discovered the dangerous software which was loaded with malware that directed unsuspecting users to phishing websites which are designed to steal sensitive, personal data. Thankfully, the four apps have been removed from the Google Play Store – but if you downloaded them before they were delisted then you will need to delete them from your Android device as soon as possible.

The offending apps were all released by a developer called the ‘Mobile apps Group’ whose official website – at the time of writing – is not accessible. The most popular app this developer released on the Play Store was called Bluetooth Auto Connect, with this app releasing back in October 2020 and getting downloaded over a million times. The other offending apps were Bluetooth App Sender, Mobile transfer: smart switch and Driver: Bluetooth, Wi-Fi, USB. One way these apps managed to evade being detected by Android security systems is by delaying its deployment of malicious behaviour. For the first few days after installing these apps it seems that nothing is untoward, but then spam phishing websites start appearing on a victim’s device.

At first, it may seem that these websites aren’t too much to be worried about but as time goes on the pages get more insidious. Malwarebytes explained: “After the initial delay, the malicious app opens phishing sites in Chrome. The content of the phishing sites varies – some are harmless sites used simply to produce pay-per-click, and others are more dangerous phishing sites that attempt to trick unsuspecting users. For example, one site includes adult content that leads to phishing pages that tell the user they’ve been infected, or need to perform an update. “The Chrome tabs are opened in the background even while the mobile device is locked. When the user unlocks their device, Chrome opens with the latest site. A new tab opens with a new site frequently, and as a result, unlocking your phone after several hours means closing multiple tabs. The users browser history will also be a long list of nasty phishing sites.”

While these apps no longer appear on the Google Play Store anyone that has already downloaded them will need to delete it to keep their Android device safe. Here’s how you can delete an app you’ve downloaded from the Play Store on your Android device… Open the Google Play Store app At the top right, tap the profile icon Tap Manage apps and devices. Manage Tap the name of the app that you want to delete Tap Uninstall

