The NCC-CSIRT stated this in an advisory on Tuesday.
It said, “The Nigeria Computer Emergency Response Team (ngCERT) has continued to observe and monitor the constant introduction of malicious mobile applications into Google Play Store.
“Mobile apps Group has a history of distributing malware-infected apps through the Google Play store, and the current batch of apps has already been downloaded over a million times.”
It stated that the group’s malicious apps included: Bluetooth Auto Connect; Bluetooth App Sender; Driver: Bluetooth, Wi-Fi, USB; and Mobile transfer: smart switch.
It further disclosed that the malicious activities of these apps were high in probability and potential to do damage.
The NCC-CSIRT disclosed, “The apps will delay the display of ads for up to three days after installation to avoid detection.
“However, once this period has passed, the user is bombarded with advertisements and is directed to malicious phishing websites in the Chrome browser. While the device is idle, the malicious app can open Chrome tabs in the background. Some of the sites it opens may appear to be harmless, but they are pay-per-click pages that generate revenue for the developers when clicked on.”
It explained that the consequences of installing the malicious apps included the user being bombarded with advertisements, theft of sensitive user data, clicking on the ads resulting in the stealth download or installation of additional malware, as well as the user privacy and data being jeopardised.