Thursday, October 10, 2024
HomeAdware17 Malicious Android Apps Discovered in Google Play Store that Infects 550,000...

17 Malicious Android Apps Discovered in Google Play Store that Infects 550,000 Android Devices

Published on

Researchers discovered 17 malicious Android apps from the Google play store that infects nearly 550,000 Android devices around the world.

These malicious app developers added features to hide their presence on the user’s device, and constantly display aggressive ads once the app gets installed on the victims android devices.

The adware programs will tend to serve unwanted advertisements on your mobile phone and computer. The adware can be included with some apps in a legitimate way to generate revenue.

- Advertisement - EHA

Adware was a trending threat in 2019 and continuously evolving in 2020 especially targeting Android users, and it is a sweet spot for cybercriminals due to the over popularity of Android.

All the 17 nasty apps that discovered in Google play store installed 550,000 times in total, and these are found that it was bypassed the Google play protect and flying under the Google security radar.

Malicious Apps Activities

Researchers analysed one of the apps in the list, a racing simulator that offers in-app payments for extra in-game features.

The app randomly generates popup ads the user is not playing the game and hides for some time following the installation and the ads display pattern is very hard to recognize.

The app comes with the 2 component and the first component has the malicious code and the second component is an actual game.

According to the Bitdefender research, In terms of registered receivers, the first one is for android.intent.action.BOOT_COMPLETED. When the broadcast is received, the app will begin an activity, which starts a job scheduler for showing ads.  The scheduled service starts after 10 minutes and shows an ad only once.

Cybercriminals using modified Adware SDK to the randomness of ad occurrences and display time intervals.

In other versions, including versions that were at some point on Google Play, requests to the ad web sites also contain sensitive information about the user, such as phone model, IMEI, IP address, MAC address, and location information.

Mobile users are strongly recommended to install the security solution on their devices to identify the riskware and malware and other potentially malicious apps as well as phishing or fraudulent websites.

Also, Never download the apps from third-party app stores and research the app before installing it. Here you can find the best Adware Removal Tool to Block Annoying Ads.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Mozilla Warns Of Firefox Zero-Day Actively Exploited In Cyber Attacks

A critical use-after-free vulnerability affecting Firefox and Firefox Extended Support Release (ESR) is being...

SpyCloud Embeds Identity Analytics in Cybercrime Investigations Solution to Accelerate Insider and Supply Chain Risk Analysis & Threat Actor Attribution

IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading...

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks

The agreement has marked over 600,000 fraudulent domains for takedown in just two months...

Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users

Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide.The flaw,...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Hackers Exploiting Zero-day Flaw in Qualcomm Chips to Attack Android Users

Hackers exploit a zero-day vulnerability found in Qualcomm chipsets, potentially affecting millions worldwide.The flaw,...

Octo2 Android Malware Attacking To Steal Banking Credentials

The original threat actor behind the Octo malware family has released a new variant,...

New Android Spyware As TV Streaming App Steals Sensitive Data From Devices

Recent research has revealed a new Android malware targeting mnemonic keys, a crucial component...