This site uses cookies, tokens, and other third party scripts to recognize visitors of our sites and services, remember your settings and privacy choices, and — depending on your settings and privacy choices — enable us and some key partners to collect information about you so that we can improve our services and deliver relevant ads.

By continuing to use our site or clicking Agree, you agree that CBS and our key partners may collect data and use cookies for personalized ads and other purposes, as described more fully in our privacy policy. You can change your settings at any time by clicking Manage Settings.

This app is one of many fake apps removed from the Google Play Store, Check Point said.

Check Point

These fake apps were free, but they ended up costing millions of people using Android.

Researchers from Check Point, a security company, said Thursday that they discovered 50 apps hiding malware on the Google Play Store. The malware was downloaded between 1 million and 4.2 million times before the affected apps were removed, said Check Point. 

These viruses were disguised as free wallpaper, camera and video editing apps, but contained a costly side effect. Malware in the apps would secretly register victims for paid services or send fraudulent text messages that people would have to pay for. Check Point named the malware "ExpensiveWall," after finding the majority of the infected apps were fake wallpapers. 

ExpensiveWall is actually a new strain of a previously known malware, which McAfee discovered in January on Google Play. "The entire malware family has now been downloaded between 5.9 million and 21.1 million times," said Check Point's researchers in a blog post.

The security company said it notified Google on Aug. 7 about the phony apps, and it quickly removed them. But within days, even more fake apps popped up, and they were downloaded more than 5,000 times before Google removed the new crop.

The fake apps were able to slip by Google's Play Protect, which is supposed to scan Android devices for malicious software, because scammers "packed" the malware, an advanced hiding technique that ducks under Google's radar, Check Point said.

"We've removed these apps from Play and always appreciate the research community's efforts to help keep the Android ecosystem safe," a Google spokesman said in a statement.

Even though Google removed the apps from its store, if you downloaded one, your device is still infected, Check Point's researchers warned. 

First published Sept. 14, 7:25 a.m. PT. 
Updated, 9:33 a.m. PT
: To include comment from Google.

It's Complicated: This is dating in the age of apps. Having fun yet?

Tech EnabledCNET chronicles tech's role in providing new kinds of accessibility.

See comments


DIY Tech
How to tips and tricks for getting the most out of all your tech delivered to your inbox.
More From Security
More From CNET