Of those checked, 35 contained adware – a technique that displays more invasive and potentially malicious advertisements than standard ad-supported apps. 165 apps had excessive or dangerous combinations of permissions, and seven were found to exhibit malicious behaviour, like replacing the app with a version downloaded from the Internet via a command-and-control server.
Some of the apps were even discovered to be granting the ability to read your text messages. This could then be leveraged to intercept multi-factor authentication tokens.
Similarly, granting the ability to send SMS messages could be used to send spam or phishing campaigns from your device.
It’s unclear where the apps were distributed as there is no mention in the research about the software originating from the Google Play Store.
But it once again goes to prove that smartphone owners should always check before installing anything onto their phones. To help Android owners stay safe, Barracuda has revealed their top tips for keeping devices free from security threats.