All technician experts will tell you that the App Store is safer than the Google Play Store. Some may argue that it is impossible to download malicious apps from the app store, but they are wrong.
Although we acknowledge the App Store as a secure, tightly controlled ecosystem, it cannot be fully protected. Security researchers have discovered that hackers target several apps in the app store to spread malware that steals information from screenshots stored on devices.
This issue also affects download apps from the Google Play Store.
People who have an iPhone. (Kurt “Cyberguy” Knutsson)
What makes malware different and different
According to Kaspersky ResearcherThis malware campaign is more advanced than a typical information steeler, both in how it works and how it spreads. Instead of relying on social engineering tricks to grant users permissions like most bank Trojans and spyware, this malware hides in a seemingly legal app and passes Apple and Google security checks .
One of its outstanding features is optical character recognition. Instead of stealing saved files, it scans the saved screenshots on your device, extracts text, and sends information to a remote server.
Once installed, the malware operates stealth and often only activates after dormant periods, ensuring that it does not increase doubt. Using encrypted communication channels, stolen data is sent back to the operator, making it difficult to track. Additionally, it spreads through app dependency deceptive updates or hidden codes, an approach that helps avoid early security screening by the App Store review team.
Infection vectors vary depending on the ecosystems of Apple and Google. On iOS, malware is often embedded in apps that pass Apple’s strict review process first, but later introduces harmful features through updates. On Android, malware can take advantage of the sideloading option, but even the official Google Play apps have been found to carry these malicious payloads.
App store messaging app designed to seduce victims.
Hidden Costs of Free Apps: Your Personal Information
What is being stolen and who is responsible?
The scope of stolen information is surprising. The malware primarily targets crypto wallet recovery phrases, but can also exclude login credentials, payment details, personal messages, location data, and even biometric identifiers. Some versions are designed to harvest authentication tokens, allowing attackers to access their accounts even if users change their passwords.
Apps that act as malware carriers include ComeCome, Chatai, Wetink, Anygpt, and more. These range from productivity tools to entertainment and utility apps. In some cases, malicious developers will create these apps to fully understand the purpose of the malware. Others appear to be a supply chain vulnerability. In this case, the legitimate developer unconsciously integrates a compromised SDK or third-party service that introduces malicious code into the application.
We contacted Apple for comments but did not respond before the deadline.
App store messaging app designed to seduce victims. (Kaspersky)
Apple’s response to screenshot scan malware discovered in the App Store
Apple has removed 11 iOS apps mentioned in the Kaspersky report from the App Store. Additionally, they discovered that these 11 apps share code signings with 89 other iOS apps. All of these were banned or removed because they were all rejected or deleted in violation of Apple’s policies, which resulted in termination of your developer account.
Apps that require access to user data such as photos, cameras, locations, etc. should provide associated features or face denials. You also need to clearly explain the amount of data you use when asking users for permission. The iOS Privacy feature allows users to always have control over whether their location is shared with the app. Also, starting with iOS 14, the Photokit API allows apps to request access to a user’s photo library, allowing users to select only specific photos or videos to share with the app, instead of accessing the entire library. Added additional controls as well.
App Store review guidelines require developers to be responsible for the entire app, including ad networks, analytics services, and third-party SDKs, to ensure that they are compliant with the guidelines. Developers should carefully review and select these components. The app also needs to accurately represent privacy practices, including the SDK practices used in the privacy label.
In 2023, the App Store refused to submit apps for more than 1.7 million people because it failed to meet strict privacy, security and content standards. It also rejected 248,000 app submissions that were found to be spam, copycats, or misleading, preventing 84,000 potentially fraudulent apps from reaching users.
What is Artificial Intelligence (AI)?
What Google does to stop malware
A Google spokesperson told CyberGuy:
“All identified apps have been removed from Google Play and developers are prohibited. Android users are automatically protected from known versions of this malware. Google Play Protectexists by default on Android devices with Google Play services. ”
However, it is important to note that Google Play Protect may not be sufficient. Historically, it’s not 100% absolutely difficult to remove all known malware from your Android device. Here’s why:
What Google Play Protect can do:
- Scan apps on the Google Play Store to explain known threats.
- Warn if the app behaves suspiciously.
- Detects apps from unverified sources (sideloaded APKs).
- You can disable or remove harmful apps.
Things Google Play Protect cannot do:
- You may miss malware from third-party app stores and sideload apps.
- It does not have features such as VPN protection, anti-theft tools, and privacy monitoring.
Image of someone entering their password on the screen. (Kurt “Cyberguy” Knutsson)
How scammers use your personal data for financial fraud and how to stop them
Five ways users can protect themselves from such malware
1. Use powerful antivirus software. Installing powerful antivirus software allows you to add an additional layer of protection by scanning apps that scan for malware, blocking suspicious activity and alerting you of potential threats. The best way to protect yourself from malicious links to install malware is to install antivirus software on all devices, as it may access your personal information. This protection can also warn you that it will phish email and ransomware scams and keep your personal information and digital assets safe. Get the best 2025 Antivirus Protection Winners picks for Windows, Mac, Android and iOS devices.
2. Stick to trusted developers and famous apps: Malware was found in the official app store, but users can minimize risk by downloading apps from reputable developers with long track record. Before installing the app, check the developer history, read multiple reviews, and check the permissions to request. If an app from an unknown developer suddenly gains popularity, but you don’t have a strong review history, be careful and approach it.
Click here to get your Fox business on the go
3. Carefully check the app permissions: Many malicious apps hide legitimate tools, but require excessive permission beyond the stated purpose. For example, a simple calculator app doesn’t require you to access contacts, messages, or locations. If your app requires permissions that seem unnecessary, consider it a red flag and either deny those permissions or avoid installing the app altogether. Go to your phone settings and check the app permissions iPhone and Android.
4. Update your device and apps: Cybercriminals exploit the vulnerabilities of outdated software to distribute malware. everytime Update your operating system and apps For the latest versions, these updates often include important security patches. By enabling automatic updates, you will be able to remain protected without having to manually check for newer versions.
5. Beware of apps that promise too: Many malware-infected apps will captivate users by offering features that seem untrue, such as free premium services, extreme battery optimizations, and AI-powered features that appear unrealistic. If your app’s claims are exaggerated or if its download count skyrockets overnight with questionable reviews, it’s best to avoid them. Stick to apps with transparent development teams and verifiable features.
How to delete private data from the Internet
Important points of cart
The new malware campaign highlights the need for a more rigorous review process, continuous monitoring of app behavior after approval, and increased transparency from the app store regarding security risks. Apple and Google removed malicious apps when they were detected, but the fact that they came onto the platform in the first place reveals a gap in existing security frameworks. As cybercriminals improve their methods, app stores must risk losing the trust of users who claim to be similarly evolving or protecting them.
Click here to get the Fox News app
Do you think app stores should be more responsible for malware slipping? Write us and let us know cyberguy.com/contact
For more information about my tech tips and security alerts, please subscribe to our free Cyber Guy Report Newsletter towards cyberguy.com/newsletter
Ask us a question in our cart or let us know what you want us to cover.
Follow your cart on his social channels:
Answers to the most accused Cyber Guy questions:
New from Cart:
Copyright 2025 cyberguy.com. Unauthorized reproduction is prohibited.
