Tuesday, January 14, 2025
HomeAdware17 Malicious Android Apps Discovered in Google Play Store that Infects 550,000...

17 Malicious Android Apps Discovered in Google Play Store that Infects 550,000 Android Devices

Published on

Researchers discovered 17 malicious Android apps from the Google play store that infects nearly 550,000 Android devices around the world.

These malicious app developers added features to hide their presence on the user’s device, and constantly display aggressive ads once the app gets installed on the victims android devices.

The adware programs will tend to serve unwanted advertisements on your mobile phone and computer. The adware can be included with some apps in a legitimate way to generate revenue.

Adware was a trending threat in 2019 and continuously evolving in 2020 especially targeting Android users, and it is a sweet spot for cybercriminals due to the over popularity of Android.

All the 17 nasty apps that discovered in Google play store installed 550,000 times in total, and these are found that it was bypassed the Google play protect and flying under the Google security radar.

Malicious Apps Activities

Researchers analysed one of the apps in the list, a racing simulator that offers in-app payments for extra in-game features.

The app randomly generates popup ads the user is not playing the game and hides for some time following the installation and the ads display pattern is very hard to recognize.

The app comes with the 2 component and the first component has the malicious code and the second component is an actual game.

According to the Bitdefender research, In terms of registered receivers, the first one is for android.intent.action.BOOT_COMPLETED. When the broadcast is received, the app will begin an activity, which starts a job scheduler for showing ads.  The scheduled service starts after 10 minutes and shows an ad only once.

Cybercriminals using modified Adware SDK to the randomness of ad occurrences and display time intervals.

In other versions, including versions that were at some point on Google Play, requests to the ad web sites also contain sensitive information about the user, such as phone model, IMEI, IP address, MAC address, and location information.

Mobile users are strongly recommended to install the security solution on their devices to identify the riskware and malware and other potentially malicious apps as well as phishing or fraudulent websites.

Also, Never download the apps from third-party app stores and research the app before installing it. Here you can find the best Adware Removal Tool to Block Annoying Ads.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Google’s “Sign in with Google” Flaw Exposes Millions of Users’ Details

A critical flaw in Google's "Sign in with Google" authentication system has left millions...

Hackers Attacking Internet Connected Fortinet Firewalls Using Zero-Day Vulnerability

A widespread campaign targeting Fortinet FortiGate firewall devices with exposed management interfaces on the...

Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection

Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass...

CISA Released A Free Guide to Enhance OT Product Security

To address rising cyber threats targeting critical infrastructure, the U.S. Cybersecurity and Infrastructure Security...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

New FireScam Android Malware Abusing Firebase Services To Evade Detection

FireScam is multi-stage malware disguised as a fake “Telegram Premium” app that steals data...

Android Security Updates: Patch for Critical RCE Vulnerabilities

The January 2025 Android Security Bulletin has issued important updates regarding critical vulnerabilities that...

Stealthy Steganography Backdoor Attacks Target Android Apps

BARWM, a novel backdoor attack approach for real-world deep learning (DL) models deployed on...