Report: Millions of Android phones silently infected with malware through Samsung app scam

Two separate accounts surfaced over the past week, revealing how developers can use sketchy methods to infect your phone, take your money and even control your device.

A new report from CSIS Security Group found that a suspicious third-party app called "Updates for Samsung" had more than 10 million downloads before it was pulled from the Google Play store this week. To make matters worse for Android owners, a separate account says that a new type of mobile attack is emerging where a malicious app's icon is hidden from your home screen.

"Updates for Samsung" was meant to provide operating system updates; however, it also reportedly tried to trick people into paying money for what would otherwise be a free refresh.

In a July 4 blog post, Aleksejs Kuprins, who works for CSIS Security Group in Denmark, detailed how the app worked.

"Besides being stuffed with advertisement frameworks and not being affiliated with Samsung (yet distributing their firmware), the app offers paid subscriptions for the downloads of the said firmware," Kuprins wrote. "A user can get an annual subscription for Samsung firmware update downloads for a small fee of $34.99. Interestingly, that doesn’t happen through the official Google Play subscriptions."

The app's developer told the computer support website BleepingComputer that the application was temporarily taken down to remove the firmware and make other service adjustments. A Google spokesperson said that the app was suspended for violating Google Play Developer Policies.

"Providing a safe and secure experience is a top priority," Google said in an emailed statement. "Our Google Play developer policies strictly prohibit apps that are deceptive, malicious, or intended to abuse or misuse any network, device, or personal data. When violations are found, we take action."

A report by the software technologies company Check Point revealed that apps similar to Updates for Samsung aren't uncommon.

In a memo sent to USA TODAY, the research team said they observed a surge of Android malware attack attempts earlier in 2019, and that some of the applications had the ability to hide their icons and claim to be Google-related services.

Dubbed "Agent Smith," the "new species of mobile malware" often uses a weaponized dropper app to install malware and extract the smartphone's list of installed apps. "Agent Smith will then hijack compromised user apps to show ads," according to the Check Point report.

"The developers use fraudulent ads for financial gain," the research team wrote.

Check Point says over 25 million devices were "quietly infected while the user remains completely unaware." The research company has since submitted the data to Google and law enforcement units to facilitate further investigation.

The good news is, there are things you can do to better protect your smartphone from mobile malware.

Firstly, only install official updates. For Android phones, go to Settings > About phone > Software/System/OS Update. For Apple devices, go to Settings > General > Software Update.

You can also protect yourself by updating your passwords, never letting anyone know your passcode, and running antivirus apps on your smartphone. Also, don't open random links.

Follow Dalvin Brown on Twitter: @Dalvin_Brown.

This article originally appeared on USA TODAY: 25 million Android phones quietly infected with malware, says report