hindustantimes.com

Google Play warns not to download these free apps. Here’s what to watch for

By Tuhin Das Mahapatra

Mar 13, 2025 09:38 AM IST

Google is boosting Play Store defences against increasing sideloading threats. CTM360 warns of a campaign using fake Play Store websites to distribute a Trojan.

Google is stepping up its security game, reinforcing the Play Store’s defences as the risks of sideloading apps continue to grow. “Chrome users are protected against the identified malicious URLs by Google Safe Browsing. Based on our current detection, no apps containing this malware are found on Google Play,” Google told Forbes.

Earlier this month, Google cracked down on fake apps lurking in its Play Store, but a new threat has emerged—what if the Play Store itself is fake?

“Android users are automatically protected against known versions of this malware by Google Play Protect, even when apps come from sources outside of Play,” Google assured.

Industry-favourite malware detector CTM360 reveals a massive campaign tricking users into downloading malware through counterfeit Play Store websites. These sites closely mimic Google’s official platform, making it easy for unsuspecting users to fall into the trap.

How fake apps are hijacking devices and stealing data

Users are lured to fraudulent pages through social media ads and messages that urge them to download apps which appear to be free or even offer exclusive deals. These apps seem legitimate, but they are in fact carriers of Trojan malware meant to steal users' data.

CTM360 has discovered over 6,000 such fake Play Store pages. The malware isn’t just stealing banking credentials—it’s monitoring clipboard activity, logging keystrokes, and allowing attackers to exploit victims' data for further malicious activities.

Dubbed ‘PlayPraetor’, the campaign takes its name from Roman officials who wielded control over citizens, much like how this Trojan hijacks infected devices, extracting personal data such as login credentials and clipboard information. The scammers have even registered domain names that resemble official websites to make their ruse more convincing. Some sites go a step further, mimicking government agencies and public service portals to increase the chances of success. When users click the fake Play Store download button, they unknowingly install the Trojan.

The attackers disguise the malicious apps themselves, giving them the same icons and names as legitimate apps. As in many similar attacks, these fake apps abuse permissions, especially Android’s Accessibility Services, which in this case allows them to literally hijack a device. This includes capturing screen content, capturing keystrokes to steal login details or private keys, and continuously monitoring clipboard items to scoop up cryptocurrency addresses or passwords.
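To check a device for the Accessibility Services abuse described above, the following added example (not from the article or from CTM360) parses the output of three standard adb commands and lists enabled accessibility services whose app was not installed by Google Play. The package names in the sample data are constructed.

```python
# Added example. Inputs are the text output of, on a device you administer:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i      (package -> installer)
#   adb shell pm list packages -s      (preinstalled system packages)
PLAY_INSTALLER = "com.android.vending"  # package name of the Google Play Store app

def parse_enabled_services(settings_output):
    """Return [(package, service_class)] from the colon-separated component list."""
    text = settings_output.strip()
    if not text or text == "null":  # setting empty or unset
        return []
    pairs = (c.partition("/") for c in text.split(":"))
    return [(pkg, cls) for pkg, _, cls in pairs if pkg]

def parse_packages(pm_output):
    """Map package -> installer (None if absent) from 'package:<name> [installer=<x>]' lines."""
    result = {}
    for line in pm_output.splitlines():
        fields = line.strip().split()
        if not fields or not fields[0].startswith("package:"):
            continue
        installer = None
        for field in fields[1:]:
            if field.startswith("installer=") and field != "installer=null":
                installer = field.split("=", 1)[1]
        result[fields[0][len("package:"):]] = installer
    return result

def flag_sideloaded_services(settings_output, pm_output, system_output=""):
    """Enabled accessibility services from non-system packages not installed by Google Play."""
    installers = parse_packages(pm_output)
    system = set(parse_packages(system_output))
    return [(pkg, cls, installers.get(pkg))
            for pkg, cls in parse_enabled_services(settings_output)
            if pkg not in system and installers.get(pkg) != PLAY_INSTALLER]

# Constructed sample data (hypothetical package names, not taken from the campaign).
SAMPLE_SETTINGS = ("com.example.reader/com.example.reader.ReadAloudService:"
                   "com.example.vendorassist/com.example.vendorassist.AssistService:"
                   "com.example.fakestore/com.example.fakestore.HelperService")
SAMPLE_PM = """package:com.example.reader  installer=com.android.vending
package:com.example.vendorassist  installer=null
package:com.example.fakestore  installer=com.google.android.packageinstaller
"""
SAMPLE_SYSTEM = "package:com.example.vendorassist\n"

if __name__ == "__main__":
    for pkg, cls, installer in flag_sideloaded_services(SAMPLE_SETTINGS, SAMPLE_PM, SAMPLE_SYSTEM):
        print(f"review: {pkg} ({cls}) installer={installer}")
```

A flagged entry is a prompt for review, not a verdict: legitimately sideloaded accessibility tools will also appear in the list.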
