@OP, are there ways of identifying this type of malware, aside avoiding unnecessary downloads or using fake play stores?.
I expect that installing a good antivirus program can detect this type of advanced malware. There’s also a feature I once found in an antivirus app that automatically removes permissions from idle apps after a certain period and that’s truly a useful feature.
Also, if you download applications from Google Play, you should look at the app’s reviews , the number of downloads, and the permissions that these applications can access.
You should be careful of obscure or poorly rated apps related to cryptocurrencies, and these apps should be regularly updated.. One major mistake many people make is saving their seed phrases as screenshots or sending them through chat apps . These phrases should be stored offline only.