Malware found in 16 apps downloaded over 20 million times

Malware found in 16 apps downloaded over 20 million times

A new type of malware targeting Android devices was found in 16 apps on the Google Play Store

by Nora Hogan

According to Mcafee researchers, Google was just alerted to 16 apps that contain new malicious Clicker software hidden in apps that seemingly appear to be useful tools like a flashlight, high-speed camera, and a currency converter.

Clicker malware is just the latest attack on Android devices – over 75 new ones were found earlier this month in the Google Play Store, and the goal for all of these fake apps is mobile ad fraud.

Be sure you didn’t download any of these harmful applications, and learn how you can protect yourself from falling victim to malware.


Clicker malware on Android devices

What is Clicker malware?

The apps created by hackers contain code that creates fake clicks on your device which translates into revenue for the app developers. Without the user’s knowledge, the app simulates the clicking of advertisements and website browsing which generates more ad revenue.

Clicker is super sneaky because it has a delay before it actually starts affecting your device. It won’t automatically start working until at least after an hour after it’s infected your device. That way, you have a better chance of not knowing if an app, website, or something else you clicked caused this.


How does Clicker malware work?

If you download an app containing Clicker malware, it will take a little while to start functioning. It may look like a legitimate app, but it’s actually going to slow your device down by running a program in the background that’s visiting harmful websites and generating ad revenue for hackers.


What apps were targeted

The most widespread apps that were created using this Clicker code impersonated the following:

  • QR code converter
  • Camera
  • Note-taker
  • Currency/unit converter
  • Dictionary
  • Smart task manager


Credit: McAfee

See below for the full app names and how many times they were downloaded to double-check that you don’t have a fraudulent app on your device. Delete any of these apps NOW.

name/# of downloads

  • High-Speed Camera 10,000,000+
  • Smart Task Manager 5,000,000+
  • Flashlight+ 1,000,000+
  • 달력메모장 1,000,000+
  • K-Dictionary 1,000,000+
  • BusanBus 1,000,000+
  • Flashlight+ 500,000+
  • Quick Note 500,000+
  • Currency Converter 500,000+
  • Joycode 100,000+
  • EzDica 100,000+
  • Instagram Profile Downloader 100,000+
  • Ez Notes 100,000+
  • 손전등 1,000+
  • 계산기 100+
  • Flashlight+ 100+


How to protect yourself from Clicker malware

  1. It’s important to always keep your iOS or Android software up to date. App and software updates often contain fixes to glitches and security flaws.
  2. Keep your browsers updated.
  3. If you have one of these apps installed, uninstall them immediately and then remove any malware that may be on your phone using an antivirus app.  My top pick is TotalAV (Limited time deal: $19 your first year (80% off).  More: Best Antivirus Protection in 2022 found here.
  4. When downloading an app, always check the number of ratings (avoid apps with little to no ratings), the quality of the written comments, (A telltale sign of suspicious apps often have poor grammar).  And if the developer has a legit website.



Leave a Comment

Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder