Tuesday, December 5, 2023

Delete Now! – These 21 Apps With More Than 7 Million Downloads Contains Malware

Researchers found 21 malicious adware apps on Google play that disguised as gaming apps. These apps have adware hidden by design and have anti-uninstall and evasion functions.

The 21 gaming apps in question were found to be downloaded more than eight million. These apps come packed with adware which is a part of the HiddenAds family.

21 Malicious Apps

Generally, adware apps come itself hidden with fun or useful application, this time with the gaming apps that promise to virtually “let your car fly across the road, trees, hills,” but their main motive is to serve ads.

The adware is Potentially Unwanted apps, it also termed as advertising software, it directs you to the malicious websites and collects user information.

Apart from generating revenue they can also secretly include anonymous new toolbars, extensions, and alter the home page.

In this instance “users reported they were targeted with ads promoting the games on YouTube and the cybercriminals targets younger audience,” reads Avast blog post.

Google does its best to protect the play store from malicious apps, but still, the malicious apps keep finding new ways to disguise their true purpose.

“Users need to be vigilant when downloading applications to their phones and are advised to check the applications’ profile, reviews, and to be mindful of extensive device permission requests,” says Jakub Vávra, Threat Analyst at Avast.

Avast reported the findings to Google and all the listed apps from the playstore now.

Here you can find the list of 21 malicious apps if you have any apps installed on your device remove it.

Recommended Mitigation

  • Keep your mobile device up-to-date with the latest software updates from legitimate sources.
  • Keep Google Play Protect on.
  • Do not download mobile apps from unofficial or unauthorized sources. Most legitimate Android apps are available on the Google Play Store.
  • Always apply critical thinking and consider whether you should give a certain app the permissions it requests.
  • When in doubt, check the APK signature and hash in sources like VirusTotal before installing it on your device.
  • Use mobile threat detection solutions for enhanced security.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Also Read:

Hackers Spread Android Malware Via Coronavirus Safety App & Gain Contacts Access to Infect All of Them via SMS

Cookiethief – Android Malware that Gains Root Access to Steal Browser & Facebook App Cookies

Google Play Store Flooding with Spyware, Banking Trojan, Adware Via Games, and Utility Apps

Website

Latest articles

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Booking.com Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles