Such malware-laden apps hide as background apps, messaging apps, and apps that “clean up” your phone’s inner workings
The attackers try to infect as many phones as possible while leaving their apps in the Google Play Store for as long as possible. These apps are usually listed in popular categories such as personalization (wallpapers and lock screen apps), beauty, editor, communication (messaging and chat apps), photography, and tools (such as cleaner and fake antivirus apps).
How a malware-infected app can sign you up for expensive subscription services you didn’t ask for
Not only do these apps ask for a large number of permissions, some of the permissions requested also don’t make sense. For example, a wallpaper app that contains malware may request permission to access your texting apps. That’s not permission that such an app would normally need.
Many of these malware-laden apps share the same user interface, icons, and buttons. Search the developer profile for fake developer names and fake email addresses. Watch out for spelling mistakes and bad grammar in the list.
While Google allows you to do that, be smart and don’t sideload apps on your Android phone
The bottom line is that this malware leads victims to pay significantly higher mobile bills after being charged for premium services they did not sign up for. And because these apps can escape detection, a large number of them can be installed before the attack is discovered. This malware belongs to a category known as toll fraud, which accounted for 34.8% of the Google Play Store’s “Potentially Harmful Application” (PHA) installed in the first quarter of 2022, second only to spyware.
Look for signs that you installed an app with malware. These signs include rapid battery draining, connectivity issues, phone constantly overheating and running much slower. Be wary of a large number of pop-up ads. And check your cell phone bill every month and look for chargers for services you don’t remember subscribing to. If you notice any of these red flags, you should contact your carrier immediately.
Keep in mind that once you’ve been caught in this trap, it’s unlikely you’ll get your money back from your carrier. So the sooner you can recognize that you’ve been, the better it is for you.