Posted By Remote Techs On 30-October-2018
If you take a lot of photos with your Android device, you’re probably constantly on the lookout for a better way to organize them and access them. That’s exactly what the authors of the malicious app called “The Album, by Google Photos” are hoping for.
The app put in a brief appearance on the Microsoft store, where it claimed to be from Google but it’s clearly not. Unfortunately, the authors have gone to great lengths to make it appear legitimate, and as such, it has been downloaded and installed an alarming number of times.
When this app is installed and run for the first time, users are presented with a (legitimate) Google sign in page. It is not known whether the authors of the app siphon user login credentials from this page, but it’s certainly possible. So if you have installed the app but haven’t run it yet, don’t log in.
Once you’re logged in, the app will connect to a malicious URL and download a configuration file. Using the information contained in the config file, it will begin running in the background, displaying ads invisibly and then clicking on them, earning revenue for the app’s creators and slowing your Android device to a crawl in the process.
Note that the authors were careful, but only to a point. Although the ads themselves are invisible, if those ads have an audio component, the user will hear the sounds associated with the ad, although of course, they won’t have any clear indication of where the sounds are coming from. This is, in fact, how researchers became aware of the malicious nature of the app.
If you’ve downloaded this app, please uninstall it immediately. Doing so will improve your device’s performance and stop those sounds that have no apparent source from troubling you further.