Yesterday Sophos shared that they found 25 photo apps with malware and reported it to Google. The apps have a kind of malware classified as Andr/Guerilla-D. The apps where uploaded to the Play Store in March and April of this year. The apps work like normal at the start but in the background download instructions and malicious files from remote servers while using the apps. A lot of the things apps will do with this is to generates fraudulent ad revenue for the developers by making the phone click on ads in the background automatically.
Sophos did have some advice on what to do
The safest place to get your Android apps is still Google Play. Although malware is found there fairly regularly, it’s still news when it happens.
So while bad apps are uploaded to the Play Store it’s still safer then apps from other sources for Android. our tips for you is to only use apps from publishers you trust and know. Always be sceptical and thinking about why the apps are free, and if you need another photo editor or music app.