Saturday, April 13, 2024

35 Malicious Anti-Virus Apps Discovered in Google Play store that Affected 6 Million Users

Researchers discovered 35 Malicious Android-based Anti-virus apps from Google Play store and the apps were downloaded and installed by more than 6 Million users around the world.

Many of the apps fall under this Antivirus apps list that has flying under the radar for several years and infecting millions of user without let knowing them.

These Apps are posed as legitimate antivirus removal software, but it performs various malicious activities such as pop up unwanted ads, ineffective pseudo-security and stealing the user’s mobile data.

Attackers are making these apps to be installed via fake downloads by bots that help to post a positive review and gaining the reputation in order to increase the downloads counts.

These apps are quite often detecting legitimate apps as malicious and also it mimics the basic security functions that existing in the original Antivirus apps.

Also, it generates a false security alarm in the victims mobile and forces them to perform clicks and gaining the permission of other apps.

According to ESET Analysis, among these 35 apps, only a handful stand out for their specific features: one app is not completely free as it offers a paid upgrade; one app has implemented a primitive, easily bypassed, app-locker manager; another app flags other apps from this group as dangerous by default; and finally, one misuses ESET’s branding.

Fake Anti-Virus Security Bypass Functionality

Security functionality and a detection mechanism that implemented in these fake antivirus are incompletely added and it generates a lot of false positive.

There are 4 detecting detection mechanism categories that generally exists in all kind of apps.

Permissions blacklist – All apps (including legitimate ones) are flagged if they require some of the listed permissions that are considered dangerous, such as send and receive SMS, access location data, access the camera, etc.
Source whitelist – All apps but those from the official Android store, Google Play, are flagged – even if they are completely benign.
Activities blacklist –  Apps that contain any of the  blacklisting activities

In this case, researchers clearly indicate that 35 pseudo-security apps described in this article are not, say, ransomware or other hardcore malware. The only harm they do is displaying annoying ads.

Also yes, security solution is definitely needed for protection but all the apps that named as a security or Antivirus will not provide complete security.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.


Latest articles

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio...

Sisence Data Breach, CISA Urges To Reset Login Credentials

In response to a recent data breach at Sisense, a provider of data analytics...

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user...

Cyber Attack Surge by 28%:Education Sector at High Risk

In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average...

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles