Cyber security experts have discovered more than 150 Android smartphone apps that silently deceive their users.
Avast researchers say the spoofed apps were available on the Google Play Store disguised as keyboard, QR code scanner, and wallpaper apps.
Once they reach the user’s mobile phone, they steal the money by charging up to $40 per month for fake subscription services.
Avast researchers said the apps were downloaded more than 10.5 million times by users around the world, but were later removed from the Google Play Store.
However, anyone who downloaded one before it was banned is still at risk. Therefore, experts are urging to delete the apps from their phones as soon as possible.
Avast antivirus experts detailed the apps and the attack they used in a blog post on October 24.
“The apps I discovered are part of the UltimaSMS campaign, which consists of 151 apps. They are nearly identical in structure and functionality, and are essentially copies of the same fake app used to spread the distinct scam SMS campaign,” wrote cyber researcher Jacob Vavra.
He continued, “I named the campaign UltimaSMS because one of the first apps I discovered was called Ultima Keyboard 3D Pro.”
The fake apps fall into a wide range of categories including custom keyboards, QR code scanners, photo editing software, spam call blockers, camera filters, and games.
According to the analytics firm Sensor Tower, the apps have been downloaded by users from more than 80 countries.
Once the rogue app is downloaded and installed, it quickly checks the device’s location, language, and IMEI number. A phone number is also requested.
Handing this over registers your number in a premium SMS service, which can cost up to $40 a month.
“The sole purpose of the fake apps is to deceive users into signing up for premium SMS subscriptions. Many people who have sent their phone numbers into the apps may not realize that the additional charges in their phone bill are associated with the apps,” Vavra wrote.
After Avast alerted Google’s security team to the UltimaSMS apps, they were removed from the Google Play Store