According to a security report on Sophos’ blog, the 15 offending “utility” apps are really adware that generate frequent, large, intrusive ads onto users’ devices. As mentioned above, they also hide their app icons in the launcher with several disguising themselves in the phone’s App settings page as well.
Some of the apps display the deliberately misleading message: “This app is incompatible with your device” when the user attempts to launch it. In reality, it continues to run in the background, serving up obtrusive ads.
In addition, nine of the discovered apps used deceptive application icons and names to fool the user into thinking they were important system apps. For example, one app posed as a Google Play Store icon. (See below.)
The 15 apps include QR code readers, image editors, backup utilities, a phone finder and even an app designed to scrub your phone of private data. In reality, their chief purpose is to deliver unwanted adware.
The 15 apps have since been removed from the Google Play Store, but with over 1.3 million downloads between them, there’s a chance you might have one or two lurking on your phone.
Here are the apps as they originally appeared on the Play Store:
And here’s the full list of Android package names to check for:
Sophos warns there are likely many similar apps on the Google Play Store that have yet to be detected. It recommends carefully reading user reviews before installing new Android apps. If there are no user reviews, let someone else be the guinea pig first.