Delete These Malware-Filled Android Apps Aimed At Kids

Once again, a batch of Android apps managed to make their way onto the Google Play Store and infect more than one million devices with malware. I don’t mean to be glib about it; it’s a problem, and it’s happening with enough frequency, and affecting enough people, that it feels almost kind of commonplace at this point. If you download random apps you’ve never heard of, or apps that haven’t haven’t been critically reviewed, even if they have a lot of downloads and user reviews, you’re taking a risk.

This time around, 24 of the problematic 56 Android apps were geared to target children—or, presumably, parents who want to give their kids a quick game to play while they do something else. These apps and games mostly cloned what you’d find in other, more popular titles, with one fun quirk. They also came with a piece of malware known as “Tekya,” which automatically racks up advertising clicks on a person’s device and gives the malware makers free cash.

If you’ve installed apps from any of the following developers, you should remove them. And make sure you’ve cross-referenced the apps against Check Point Research’s list of affected apps, to confirm whether you were infected or not:

  • Biaz Inc

  • Biscuit Ent

  • Caracal Entertainment

  • Golden Cat

  • Leopardus Studio

  • Lynx StudioX

  • MajorStudioX

  • Megapelagios

  • MochiMicho

  • Pantanal Entertainment

  • Royal Chow Studio

  • Slardar Studio

  • Sunda Clouded

  • Titanyan Entertainment

  • White Whale Studio

  • World TravelX

The troubling thing about the Tekya malware is that it was undetectable by both Google Play Protect and a separate VirusTotal scan. In other words, you would have had to rely on common sense, not technology, to avoid getting hit. And it’s tricky, I get it. Consider one malware app, Cooking Delicious:

At first glance, the game appears pretty innocent. Sure, it’s a clone of every other “build a [something]” game that forces you to wait for your constructions or pay out the nose for in-app currency that speeds it up. With a great overall star rating and 2,248 reviews in total, the game looks lame, but legit. The only thing that would have thrown me off about it, aside from its uninteresting premise, is its description. It seems terse and generic, the kind of thing one would whip up in a minute or so if one was in a hurry to launch as many malware-filled apps as possible. Would that be enough to get an average person to not install the app, though? Probably not.

However, a quick online search reveals that there’s no web presence for the app’s developer, “Caracal Entertainment.” Sure, independent developers might not have one, either, but I would expect that a seemingly small-company dev would have something—if nothing else, a site that highlights this game and all the others in their portfolio, or a social media account at minimum to promote them and their efforts. This is a clue. It’s not a strong clue, but it’s something.

Does this mean that you should run a web search for every single developer of every app you want to download? It’s a bit cumbersome, but it wouldn’t hurt. At the very least, I’d do this if the app you’re looking to grab seems off. For example, if the screenshots are odd, misshapen, or low-quality; the app’s description feels like one large run-on sentence; the app’s reviews are terribly written but incredibly positive—things like that. Then, maybe take a moment to do a little extra digging.

As for these apps, it’s good to know that the worst the Tekya malware could have done to your device, as far as I’ve seen, is to eat up its battery and possible affect its performance a little. The malware didn’t dig any deeper into your Android device than that, so there’s at least that silver lining if you grabbed one of these malicious apps or games.

Comments


Leave a Reply