Remove These Malicious Android Apps Designed for Kids

Once again, a suite of Android apps made it to the Google Play Store and infected over a million devices with malware. I don’t want to talk about it smartly; it’s a problem and it happens with enough frequency and affects enough people that it seems almost commonplace at the moment. If you download random apps that you’ve never heard of, or apps that haven’t been critically reviewed, even if they have a lot of downloads and user reviews, you’re at risk.

This time around, 24 of the 56 problematic Android apps were targeted at children – or, presumably, parents who want to give their kids a quick game to play while they do something else. These apps and games have basically cloned what you find in other, more popular games, with one fun twist. They also came with malware known as “Tekya”, which automatically increases the number of ad clicks on a user’s device and gives malware manufacturers free money.

If you’ve installed apps from any of the following developers, you should uninstall them. And make sure you match the applications against the Check Point Research list of affected applications to confirm if you have been infected:

  • Biaz Inc.
  • Biscuit Ent
  • Caracal Entertainment
  • Golden cat
  • Leopard Studio
  • Lynx StudioX
  • MajorStudioX
  • Megapelagios
  • Mochi micho
  • Pantanal Entertainment
  • Royal Chow Studio
  • Slardar Studio
  • Sunda clouded
  • Titanyan entertainment
  • White Whale Studio
  • World of TravelX

The troublesome thing about the Tekya malware is that it was impossible to detect using both Google Play Protect and a separate VirusTotal scan. In other words, you would have to rely on common sense rather than technology to avoid being hit. And this is difficult, I understand. Let’s take a look at one malicious application, Cooking Delicious:

At first glance, the game seems pretty innocent. Of course, this is a clone of any other “build [something]” game that makes you wait for your buildings or pay money for in-game currency that speeds it up. With an excellent overall rating and 2,248 reviews, the game looks unconvincing, but perfectly legal. The only thing that could confuse me, apart from its uninteresting premise, is its description. It seems concise and versatile, sort of like what one would think of in a minute or so if someone was in a rush to launch as many malware-laden apps as possible. But would that be enough to prevent the average person from installing the app? Probably no.

However, a quick search on the Internet reveals that the developer of the application, Caracal Entertainment, does not have a presence on the Internet. Of course, independent developers may not have such a game either, but I would expect a developer of a seemingly small company to have something if nothing else, a site dedicated to this game and everyone else in their portfolio, or social network account at: minimum to promote them and their efforts. This is the clue. This is not a clue, but something.

Does this mean that you should search the Internet for every developer of every application you want to download? It’s a little cumbersome, but won’t hurt. At least I would do this if the application you want to capture is not working. For example, if the screenshots are odd, irregular, or of poor quality; the app description looks like one big ongoing sentence; app reviews are horribly written but incredibly positive – and things like that. Then, perhaps take a moment to dig.

As far as these apps go, it’s good to know that the worst thing Tekya malware could do to your device, as far as I’ve seen, is eat up its battery and possibly slightly affect its performance. The malware hasn’t penetrated deeper into your Android device, so there is at least a silver lining if you’ve hijacked one of these malicious apps or games.


Leave a Reply

Your email address will not be published. Required fields are marked *