谷歌Play商店广告软件（谷歌应用商店哪些软件没广告）

As many as 30 malicious Android apps with cumulative downloads of nearly 10 million have been found on the Google Play Store distributing adware.

在谷歌Play商店发布的广告软件上，发现了多达30个恶意Android应用程序，累计下载量接近1000万。

"All of them were built into various programs, including image-editing software, virtual keyboards, system tools and utilities, calling apps, wallpaper collection apps, and others," Dr.Web said in a Tuesday write-up.

“所有这些都内置在各种程序中，包括图像编辑软件、虚拟键盘、系统工具和实用程序、通话应用程序、墙纸收集应用程序等，”Dr.Web在周二的一篇文章中说。

While masquerading as innocuous apps, their primary goal is to request permissions to show windows over other apps and run in the background in order to serve intrusive ads.

虽然伪装成无害的应用程序，但他们的主要目标是请求权限，在其他应用程序上显示窗口，并在后台运行，以提供侵入性广告。

To make it difficult for the victims to detect and uninstall the apps, the adware trojans hide their icons from the list of installed apps in the home screen or replace the icons with others that are likely to be less noticed (e.g., SIM Toolkit).

为了使受害者难以检测和卸载应用程序，恶意软件将其图标隐藏在主屏幕上已安装应用程序的列表中，或将图标替换为可能不太被注意到的其他图标（例如，SIM-Toolkit）。

Some of these apps also offer the advertised features, as observed in the case of two apps: "Water Reminder- Tracker & Reminder" and "Yoga- For Beginner to Advanced." However, they also covertly load various websites in WebView, and simulate user actions to click on banners and ads.

其中一些应用程序还提供广告功能，正如在两个应用程序中所观察到的那样：“水提醒 - 跟踪器和提醒”和“瑜伽 - 初学者到高级”。然而，他们也秘密地在网络视图中加载各种网站，并模拟用户操作以点击横幅和广告。

Also uncovered are another set of apps distributing the Joker malware in the form of launcher, camera, and emoji stickers apps that, when installed, subscribe users to paid mobile services without their knowledge and consent.

还发现了另一套以启动器，相机和表情符号贴纸应用程序形式分发Joker恶意软件的应用程序，这些应用程序在安装时会在用户不知情和不同意的情况下订阅付费移动服务。

The third category of rogue apps relates to those that pose as image editing software but, in reality, are designed to break into Facebook accounts.

第三类流氓应用程序与那些伪装成图像编辑软件但实际上旨在侵入 Facebook 帐户的应用程序有关。

"Upon launching, they asked potential victims to log in to their accounts and then loaded a genuine Facebook authorization page," Dr.Web researchers said. "Next, they hijacked the authentication data and sent it to malicious actors."

“启动后，他们要求潜在受害者登录他们的帐户，然后加载一个真正的 Facebook 授权页面，”Dr.Web 研究人员说。“接下来，他们劫持了身份验证数据并将其发送给恶意行为者。”

• Photo Editor: Beauty Filter (gb.artfilter.tenvarnist)

• 照片编辑器：美颜滤镜 (gb.artfilter.tenvarnist)

• Photo Editor: Retouch & Cutout (de.nineergysh.quickarttwo)
• 照片编辑器：润饰和抠图 (de.nineergysh.quickarttwo)

• Photo Editor: Art Filters (gb.painnt.moonlightingnine)
• 照片编辑器：艺术滤镜 (gb.painnt.moonlightingnine)

• Photo Editor - Design Maker (gb.twentynine.redaktoridea)
• 照片编辑器 - 设计制作 (gb.twentynine.redaktoridea)

• Photo Editor & Background Eraser (de.photoground.twentysixshot)
• 照片编辑器和背景橡皮擦 (de.photoground.twentysixshot)

• Photo & Exif Editor (de.xnano.photoexifeditornine)
• 照片和 Exif 编辑器 (de.xnano.photoexifeditornine)

• Photo Editor - Filters Effects (de.hitopgop.sixtyeightgx)
• 照片编辑器 - 滤镜效果 (de.hitopgop.sixtyeightgx)

• Photo Filters & Effects (de.sixtyonecollice.cameraroll)
• 照片滤镜和效果 (de.sixtyonecollice.cameraroll)

• Photo Editor : Blur Image (de.instgang.fiftyggfife)
• 照片编辑器：模糊图像（de.instgang.fiftyggfife）

• Photo Editor : Cut, Paste (de.fiftyninecamera.rollredactor)
• 照片编辑器：剪切、粘贴 (de.fiftyninecamera.rollredactor)

• Emoji Keyboard: Stickers & GIF (gb.crazykey.sevenboard)
• 表情符号键盘：贴纸和 GIF (gb.crazykey.sevenboard)

• Neon Theme Keyboard (com.neonthemekeyboard.app)
• 霓虹主题键盘（com.neonthemekeyboard.app）

• Neon Theme - Android Keyboard (com.androidneonkeyboard.app)
• 霓虹灯主题 - Android 键盘 (com.androidneonkeyboard.app)

• Cashe Cleaner (com.cachecleanereasytool.app)
• 缓存清理器 (com.cachecleanereasytool.app)

• Fancy Charging (com.fancyanimatedbattery.app)
• 花式充电（com.fancyanimatedbattery.app）

• FastCleaner: Cashe Cleaner (com.fastcleanercashecleaner.app)
• 快速清理：缓存清理(com.fastcleanercashecleaner.app)

• Call Skins - Caller Themes (com.rockskinthemes.app)
• 来电皮肤 - 来电主题 (com.rockskinthemes.app)

• Funny Caller (com.funnycallercustomtheme.app)
• 有趣的来电者（com.funnycallercustomtheme.app）

• CallMe Phone Themes (com.callercallwallpaper.app)
• CallMe 电话主题 (com.callercallwallpaper.app)

• InCall: Contact Background (com.mycallcustomcallscrean.app)
• InCall：联系人背景 (com.mycallcustomcallscrean.app)

• MyCall - Call Personalization (com.mycallcallpersonalization.app)
• MyCall - 呼叫个性化 (com.mycallcallpersonalization.app)

• Caller Theme (com.caller.theme.slow)
• 来电主题 (com.caller.theme.slow)

• Caller Theme (com.callertheme.firstref)
• 来电主题 (com.callertheme.firstref)

• Funny Wallpapers - Live Screen (com.funnywallpapaerslive.app)
• 有趣的壁纸 - 动态屏幕（com.funnywallpapaerslive.app）

• 4K Wallpapers Auto Changer (de.andromo.ssfiftylivesixcc)
• 4K 壁纸自动更换器 (de.andromo.ssfiftylivesixcc)

• NewScrean: 4D Wallpapers (com.newscrean4dwallpapers.app)
• NewScrean：4D 壁纸 (com.newscrean4dwallpapers.app)

• Stock Wallpapers & Backgrounds (de.stockeighty.onewallpapers)
• 股票壁纸和背景 (de.stockeighty.onewallpapers)

• Notes - reminders and lists (com.notesreminderslists.app)
• 笔记 - 提醒和列表 (com.notesreminderslists.app)

Last but not least, also spotted on the app storefront was a rogue communications app known as "Chat Online," which tricks users into providing their mobile phone numbers under the pretext of signing up for online dating services.

最后但并非最不重要的一点是，在应用程序店面上还发现了一款 名为“Chat Online”的流氓通信应用程序，该应用程序以注册在线约会服务为借口诱骗用户提供他们的手机号码。

In a different version of the same malware, a seemingly real conversation is initiated, only for the app to prompt users to pay for premium access to continue the chat, incurring fraudulent charges.

在同一恶意软件的不同版本中，发起看似真实的对话，只是为了让应用程序提示用户支付高级访问权限以继续聊天，从而产生欺诈费用。

Although these apps have been purged, it's no surprise that mobile malware has been proven to be resilient, what with the criminal actors constantly finding new ways to bypass protections put in place by Google.

尽管这些应用程序已被清除，但移动恶意软件已被证明具有弹性也就不足为奇了，犯罪分子不断寻找新方法来绕过谷歌实施的保护措施。

Users are recommended to exercise caution when it comes to downloading apps, Google Play or otherwise, and refrain from granting extensive permissions to apps. Turning on Google Play Protect and scrutinizing app reviews and ratings are other ways to secure devices from malware.

建议用户在下载应用程序、Google Play 或其他方式时谨慎行事，避免向应用程序授予广泛的权限。打开Google Play Protect并检查应用评论和评级是保护设备免受恶意软件侵害的其他方法。

圣人自知不自见，自爱不自贵。

——《道德经.第七十二章》

本文翻译自：

https://thehackernews.com/2022/07/these-28-android-apps-with-10-million.html

如若转载，请注明原文地址

翻译水平有限 :(

有歧义的地方，请以原文为准 ：）