Some beauty camera app users may end up seeing a bit more than they were hoping for as some of these are pushing unwanted ads and even pornographic material while others may steal your photos.
Trend Micro researchers found several of these apps, identified as AndroidOS_BadCamera.HRX, available. The number of downloads from Google Play range into the millions with the majority of these being done in Asia and India.
The apps malicious behavior generally starts when the user unlocks the device’s display and malicious ads begin to appear, some containing pornography. However, the actors behind this campaign take the criminal activity even a step further. Even if a person were to click on the pushed ad and pay for the service supposedly provided nothing will be delivered.
Some of the other beauty camera apps Trend found push pop ups saying the person has one a free gift, but when this is accepted by pressing “OK” the person is sent to phishing sites that then asks the user for personal information, such as addresses and phone numbers. In another case the person is sent to a game site where everyone is a winner, but once the game is over the game asks for some PII.
Another set of camera apps require the person to upload their photos, but instead of receiving their edited photo the person is presented with a screen asking them to update the app. Trend Micro believes the people behind these sites use the photos for creating fake social media profiles.
Google has removed all of the apps found by Trend Micro, but the research firm reminded people to check out every app before downloading, particularly the reviews which may be the only way to tell whether or not an app is legitimate.