Both iOS and Android have App Stores of their own for users to download new software, but despite their glossy exterior, malicious software is often hidden among legitimate offerings. For Android, in particular, the Google Play Store was recently found to have thousands of apps containing malware — including “counterfeit” apps that masquerade as real ones to trick users into downloading! If you’re an Android user, you may have already downloaded one of these impostor apps without even knowing it! If you’re looking to protect your Android device from malicious hackers and data-stealing apps, read on to see our breakdown of which apps are compromised, along with how to spot the fakes for yourself.

Thousands of fake, malware-containing apps on Google Play Store

A recent study performed by the University of Sydney and Commonwealth analyzed a large swath of apps found on the Google Play Store in an effort to understand just how bad the malware infestation is on the official store for Android. What they found was shocking: Nearly 50,000 apps are impersonating some of the most popular programs on the store, and over 2,000 apps from this selection were found to contain dangerous malware! The study was performed using a combination of neural networks and a malware scanner to obtain the data. The neural networks would scout the Google Play Store for apps with similar icons and text descriptions to the 10,000 most popular downloads. Then, the isolated counterfeits would be scanned for viruses and other malicious software. In the university’s findings, the biggest culprits for counterfeits were game apps that ripped off popular titles like Temple Run, Hill Climb Racing, and Free Flow. It makes sense for cybercriminals to bundle viruses inside of gaming apps since children are more likely to download them as opposed to adults. Kids aren’t always aware of the dangers presented by cyber-threats, and many of them are just looking to have fun while, say, borrowing their parents’ phone on a road trip. Once installed, these malicious apps can wreak havoc on a phone. Many of them bundle custom ad libraries that can track your activity or target you with advertisements you wouldn’t ordinarily see. Others will ask for unusually broad privacy permissions while installing — which can give the apps unfettered access to your most personal information.

How can I protect myself from fake apps on Google Play?

As startling as the findings are, there isn’t much Google can do to curb the tide of fake apps without drastically overhauling the way the Google Play store works. In contrast to iOS, Android is supposed to be the “free” and more open-ended platform, which gives users more freedom to customize the behavior and performance of their phones. Limiting the functions of apps would change this — and likely upset quite a few fans in the process. In the meantime, however, there are some red flags you can look for when downloading an app from the Google Play Store. Always make sure to read reviews of any app you’re looking at before downloading. The star ranking, ultimately, is less important than the number of reviews, as popular apps tend to garner frequent reviews and criticisms from users. A popular app title with only seven five-star reviews is highly suspect and should be treated as such. On top of this, it’s also worth checking out the permissions that the app asks for when you install it. This is seen on the download page of every app on the Google Play Store and will tell you what data (if any) the app harvests from your device. A game app, for example, shouldn’t need to see your browsing history. As long as the reviews, ratings, and permissions are appropriate for the app, you should be safe to download. Keep this in mind, and you can browse the Google Play Store without fear. Stay safe, stay aware, and as always, be smart with your data.