The malware is believed to be linked to Sidewinder APT, a sophisticated hacking group that specializes in cyber espionage attacks. Researchers at Trend Micro say FileCrypt Manager and Camero act as droppers and connect to a remote command-and-control (C&C) server to download a DEX file. callCam hides its icon from the menu, collects the following information from the compromised device, and sends it back to the attacker's C&C server in the background. Google has now removed all the above-mentioned malicious apps from the Play Store.
Source: https://thehackernews.com/2020/01/android-zero-day-malware-apps.html

