Android smartphone owners have been put on alert over a number of dangerous new applications. Researchers writing on security intelligence blog TrendMicro have highlighted the apps, which include a file manager and third-party camera apps. If you’ve got these applications installed on your handset, you’ve likely been hacked – and are being tracked by cyber criminals.
The apps, named as Camero, FileCrypt, and callCam, are believed to be linked to Sidewinder – a hugely-sophisticated group of cyber criminals who specialise in espionage attacks. The apps are said to use a critical flaw within the Android operating system to spin on smartphone owners.
Interestingly, a Google researcher discovered the flaw late last year – seven months after Camero, FileCrypt, and callCam were introduced into the wild to exploit the vulnerability, suggesting they were a precursor to the separate attack developed by Israeli surveillance vendor NSO Group that alerted Google to the flaw.
“We speculate that these apps have been active since March 2019 based on the certificate information on one of the apps,” the researchers explained. That means these applications could have been quietly residing on your handset – watching you, tampering with your sensitive information – for some time.
The problematic apps used a number of techniques to avoid detection from users. This allowed them to hunt for information. Hiding in the menu – making it difficult to uninstall the software to remove the threat from your device – callCam collects the following information from your device and quietly sends it back to the attackers’ servers.
- Battery status
- Files on device
- Installed app list
- Device information
- Sensor information
- Camera information
- Wi-Fi information
- Data from your WeChat, Outlook, Twitter, Yahoo Mail, Facebook, Gmail, and Google Chrome
Thankfully, users who hadn’t already downloaded these apps since March 2019 are no longer under threat. That’s because Google has removed all of the compromised software from its Play Store – so there’s no chance of stumbling across Camero, FileCrypt, and callCam anytime soon. If you think you might’ve installed these apps in the past and would like to make sure that you’re not being watched, head to Android System Settings > App Manager.
Once that has loaded, scan through the listed package names and uninstall any that correspond to Camero, FileCrypt, and callCam. This gets around the issue of the apps hiding within the App Drawer on your handset, so you can still spot it – and kill it.
Android users should always be careful when downloading an application from an unknown developer, or one with few reviews. Google tries hard to keep its Play Store safe from threats, but these apps do occasionally slip through the protections. To fortify your smartphone or tablet against most cyber threats, there are a number of simple steps you can take, including keeping your hardware up-to-date with the latest updates, pay close attention to the permissions being requested by an app when you download it, and frequently back-up your personal data.
Lastly, you can install a third-party anti-virus solution to help combat viruses and malware that hides itself on your device.
The latest security warning comes after a few rough months for Android and iPhone users. In the last few weeks, iPhone owners have been cautioned to remove 17 applications that infiltrated the App Store and were quietly generated advertising revenue – using mobile data and processing power behind Apple smartphone users’ backs. Not only that, but researchers at ESET this week also identified 42 Android apps from inside the Google Play Store containing harmful adware, something that can drain your battery life, data and can even gather personal information. And worse still, a number of Play Store apps designed to keep you safe have been exposed as some of the worst offenders.