As much as Google is trying to remove malicious apps from the Play Store, hackers seem to be one step ahead. A modus operandi used successfully in the past to clear up Play Store scrutiny is to initially put a clean copy of the apps and then, in subsequent updates, push the malware onto uncomplicated devices that have the app installed. Another new instance of this methodology has come to light in the Play Store, and you should know if any of these applications are installed.
The discovery was made by McAfee Mobile Security which identified eight Android applications in total, guilty of serious unauthorized hacking methods to hijack the user’s device. To the point where the user was under their noses, they were able to steal information from text messages for sensitive content like OTP, and also make unauthorized purchases.
These apps listed in Southwest Asia and the Arabian Peninsula region were to blame. Later McAfee Report, the apps were removed from the Play Store. Before being retired, these had more than 700,000 official installations.
Most of these apps cleverly disguised themselves as keyboard skins, puzzles, wallpapers, photo editors, or other camera-related apps. As mentioned above, these apps would become malicious on version update, and as soon as the user updated them, it spelled doom for them.
Apps are rejected from Play Store, but if you have them installed, you need to remove them manually, ASAP. The apps in question are: com.studio.keypaper2021, com.pip.editor.camera, org.my.favorites.up.keypaper, com.super.color.hairdryer, com.ce1ab3.app.photo.editor, com. hit.camera.pip, com.daynight.keyboard.wallpaper, and com.super.star.ringtones.
A solution to stay safe from possible future attacks from applications disguised as legitimate is not to grant them permissions that are not necessary. Android 12 may come with the native solution for this, but until then you will have to set the permissions manually.