Recently an app named Album by Google Photos is found in Microsoft Store that pretends to be from Google. When installing this malicious app, users are asked to click the ads service. Here, this post will show some details about this fake Google Photos app.

Microsoft Store Has a Google Photos App: It’s Fake Actually

Fake Google Photos App Is Found in Microsoft Store

Due to the lack of apps in the Microsoft Store, Microsoft has prompted PWA apps in the past two years. Firstly proposed by Google in 2015, PWA, a web application, can load like the regular website but offers users functionalities including pushing notifications, working offline, etc.

It is easy to use PWA, so it also gives the Microsoft opportunity to bring apps from its rival services easily to Windows.

That seems to be exactly what is happening, but it leaves users at risk in a quite underhanded and deceptive way.

Recently a malicious app named Album by Google Photos app has been found in the Microsoft Store. And it pretends to come from Google, but actually, it is an ad clicker that can repeatedly open hidden advertisements in Windows 10.

On first sight, this app looks legit since it claims to be created by Google LLC and uses the official description “a photos app that’s as smart as you”. Besides, the privacy policy link on the Store page also points to the official privacy policy page of Google.

But most likely, this Google Photos app is a fake application. Google’s official Microsoft Store account is Google Inc. rather than Google LLC. When checking released apps by Google over the years, you will notice that Microsoft Store always used the Google Inc. account but not Google LLC.

Above all, this app was published in the Store in May, but Google itself hasn’t announced it on any official media channel. For example, GooglePhotos, Twitter account, doesn’t mention it; no any company blog indicates that Google has released Google Photos in Microsoft Store.

Album by Google Photos Is Bundled with Ads

According to the feedback from users who have installed this app, they come across malicious advertisements. One user says “My paid Anti-malware solution detected several attempts to download malware by this app. Watch out“.

Some persons have installed this app on a test machine and dug into the folder of this app, finally, they find a program called Block Craft 3D. This program has nothing to do with Google Photos.

The interesting thing is that they also find a photo called thankyou.jpg in the folder encouraging users to click on the advertisements.

What to Do Next

Fake apps in the Microsoft Store are a big problem. Many developers create listings that look exactly like popular apps. And it is not known how an app like this could have passed the review process by Microsoft and always tricks Google’s certification system with ads & malware.

It’s clear that the developers of the fraudulent app are responsible for these actions, but Microsoft should be also blamed for it since Microsoft doesn’t protect Windows users and it also set up barriers to prevent users from checking app developers.

Currently, Microsoft should remove the fake Google Photos app from its Store. In the future, it should have a better certification system to make sure that fake apps stay out of the market.

On the other hand, to protect the PC from malware, users should take measures, for example, install an antivirus program, enable the firewall, back up important files or the operating system with safe & reliable Windows backup software, MiniTool ShadowMaker, and so on.

  • linkedin
  • reddit