A few dozen apps camouflaged as fashion and photo utilities on the Android app store have been found running malicious code. Combined some estimates put these apps at over 2 million downloads. This is just the latest in a increasing trend of hackers targeting cell phones and other IoT devices for their purposes. 

In this instance some 24 apps were found to have the code installed. The code seemed to hide itself from the Google Play Store security monitoring, as the malicious commands were downloaded AFTER the app was installed in a configuration file. 

“Instead, the switch is controlled remotely via the downloaded configuration file, allowing the malware developer to evade Google Play’s rigorous security testing,” says Symantec’s Threat Intelligence team who discovered the apps. – from BleepingComputer.com*

The app hijacked the phones to open full screen advertisements earn the hackers money. It even leveraged its own activity to boost the another version of the app to the trending section of the Google Play Store.

With the increasing monetization of hacking and malware, it is very important to ensure your network is protected. The first step in incident response is preparation. Be sure to contact your IT provider for your annual risk assessment.