Google has removed over 30 popular apps, including the ones that add beauty filters to your photos, from the Play Store after these were discovered to have malicious malware. These apps will not be available for download from the Play Store for new users, but the 20 million users who have already downloaded them need to make sure they uninstall the apps from their phones to avoid security mishaps. Among the 30+ apps, it’s the third-party selfie apps that have found to be most fraudulent. As per security researchers WhiteOps, the apps have the ability to bombard users with unwanted ads and redirect them to websites without ever clicking on a link. It should also be noted that in some cases, it was nearly “impossible” for users to delete these apps once downloaded.

Here are the apps, published by WhiteOps, that have been removed from Google Play Store. If you have them installed, get rid of them as soon as possible.

You should delete these apps from your phone

APPS INSTALLS
Yoriko Camera 1,00,000
Solu Camera 5,00,000
Lite Beauty Camera 1 million
Beauty Collage Lite 5,00,000
Beauty and Filters camera 1 million
Photo Collage and beauty camera 1,00,000
Gaty Beauty Camera 5,00,000
Pand Selife Beauty Camera 50,000
Cartoon Photo Editor and Selfie Beauty Camera 1 million
Benbu Seilfe Beauty Camera 1 million
Pinut Selife Beauty and Photo Editor 1 million
Mood Photo Editor and Selife Beauty Camera 5,00,000
Rose Photo Editor and Selfie Beauty Camera 1 million
Selife Beauty Camera and Photo Editor 1,00,000
Fog Selife Beauty Camera 1,00,000
First Selife Beauty Camera and Photo Editor 5 million
Vanu Selife Beauty Camera 1,00,000
Sun Pro Beauty Cameraa 1 million
Funny Sweet Beauty Camera 5,00,000
Little Bee Beauty Camera 1 million
Beauty Camera and Photo Editor Pro 1 million
Grass Beauty Camera 1 million
Ele Beauty Camera 1 million
Flower Beauty Camera 1,00,000
Best Selfie Beauty Camera 1 million
Orange Camera 5,00,000
Sunny Beauty Camera 1 million
Pro Selfie Beauty Camera 5,00,000
Selfie Beauty Camera Pro 1 million
Elegant Beauty Cam-2019 50,000

You can find the complete list of the apps here.

The aforementioned apps have collectively amassed more than 20 million downloads. WhiteOps explained in its websites that these apps render fraudulent advertising in users’ devices. “What these apps all have in common – besides their fraudulent tactics – is their focus on beauty. Most purport to be selfie apps that add beauty filters to users’ pictures, while at the same time showing ads out of context and making it nearly impossible to remove the apps themselves.”

In the time since that first app was published, the fraudsters published a new app every 11 days on average. Notably, most of these apps were available for a duration of around 17 days each before they were pulled down. “But even with an average of less than three weeks of time on the Play Store, the apps found an audience: the average number of installs for the apps we analysed was 565,833,” the research reads.

If you’re wondering how these apps avoid detection in the first place? Well, the White Ops paper notes that most of these apps use “packers” that are hidden in the APK in the form of extra DEX files. “Historically, packing binaries is a common technique malware developers use to avoid being detected by security software like antivirus. Packed files in Android are not new and can’t be assumed to be malicious, as some developers use packing to protect their intellectual property and try to avoid piracy,” the research paper added.

Apart from this, the developers also use Arabic characters, reducing readability for people, in various places of the apps’ source code to avoid detection. “These numbers tell a story of a cat and mouse game, in which the Play Store hunts down the fraudster and keeps them in check by removing fraudulent apps as quickly as they’re discovered. The fraudster likely developed a more robust mechanism to avoid detection and removal. A batch of 15 apps, all published after September 2019, had a much slower removal rate using those new techniques.”