The recently spotted hidden Hiddad malware in Google Play Store has more than 50k+ downloads. Read on to know more about the Hiddad malware…
Security researchers at Quick Heal Security Labs released details about the Hiddad malware being hidden in applications available for download in the Google Play Store. After download, the applications reportedly hide themselves, and at random intervals, display ads (even in other installed applications on a victim’s device), which in turn, earns the developer’s revenue. The malware uses the names of legitimate apps in an attempt to make it even more difficult for a user to find and delete the application. According to the researchers, these types of applications have been downloaded more than fifty thousand times. Google was made aware of the researchers findings, and have removed the malicious applications.
There are couple of applications on play store which hide themselves after installation and display full screen ads after specific time interval. Even if users want to uninstall these applications, they won’t be able to find it in the app manager as it was installed with the name ‘Google Play Service, Google Play Store’ and uses icon of genuine apps such as Google Play Store, default Android icon or YouTube.
The following are some of the security steps to stay safe from fake mobile apps
• Check an app’s description before you download it.
• Check the app developer’s name and their website. If the name sounds strange or odd, you have reasons to suspect it.
• Go through the reviews and ratings of the app. But, note that these can be faked too.
• Avoid downloading apps from third-party app stores.
• Use a reliable mobile antivirus that can prevent fake and malicious apps from getting installed on your phone.
How to Uninstall?
Follow the below steps to uninstall such malicious applications:
• Go to app manager in Setting
• Find out fake Google Play Store
If you still find it confusing, then there is a better way to uninstall such malware, using Antivirus. Antivirus detects malware and prompts to uninstall, and asks for uninstallation of such apps.
Additional Security Tips
Even though Google has removed the Hiddad malware from its Google Play Store, as an added secure process — one may follow these additional security recommendations
• Keep applications and operating systems running at the current released patch level
• Ensure anti-virus software and associated files are up to date
• Verify, through a separate channel, the legitimacy of any unsolicited email attachments – delete without opening if you can’t validate
• Search for existing signs of the indicated IOCs in your environment
• Block all URL and IP based IoCs at the firewall, IDS, web gateways, routers or other perimeter-based devices