Google Play has removed 13 racing games after discovering each was installing malware once downloaded.
The offending apps were discovered last week by security researcher Lukas Stefanko, who revealed the breach via Twitter.
Don't install these apps from Google Play - it's malware.
— Lukas Stefanko (@LukasStefanko) November 19, 2018
Details:
-13 apps
-all together 560,000+ installs
-after launch, hide itself icon
-downloads additional APK and makes user install it (unavailable now)
-2 apps are #Trending
-no legitimate functionality
-reported pic.twitter.com/1WDqrCPWFo
Watch out
All 13 games were released by a developer named Luiz O. Pinto and had accumulated over 560,000 installs before removal. Two apps had managed to make their way onto Google Play’s trending apps - despite what Stefanko calls “no legitimate functionality”.
When downloaded and launched, the apps would appear to start up before 'crashing'. In reality, the apps installed malware, before deleting the original app icon from the device’s home screen.
TechCrunch reports that the apps have since been removed by Google for violating store policies.