Saturday, April 13, 2024

85 Malicious Android Apps Discovered in Google Play Store that Affected 9 Million Users

Researchers discovered around 85 malicious adware apps from Google play store that downloads more than 9 million Android users around the world.

These 85 malicious apps uploaded under various categories on the Google Play store such as game, TV, and remote control simulator apps.

This adware family detect as AndroidOS_HidenAd and apps are capable of performing various malicious activities including displa full-screen ads, hiding itself, monitoring a device’s screen unlocking functionality, and running in the mobile device’s background.

All the apps were uploaded by developers for an only purpose to make illegal money by displaying the various unwanted ads in installed victims mobiles.


A screen capture of some of the adware apps

An App called Easy Universal TV Remote fall under most downloaded app among 85 apps that allow users to control their TV by installing it on their smartphone that already downloaded more than 5 million users.

Adware app that claims to control TV

Adware Apps Infection Behavior

An investigation that conducted on these apps reveals that the apps were uploaded by different developers and its related to different adware families with APK cert public keys and they are using similar ad behavior.

Once it download an installed into the victims mobile, it shows the full screen popup ads.

Trend Micro Researchers said, “Upon closing the first ad, call to action buttons such as “start,” “open app,” or “next,” as well as a banner ad will appear on the mobile device’s screen. Tapping on the call to action button brings up another full-screen ad.”

If users try to close the apps then it popups with more options on the screen to perform actions by creating the curiosity from users to click on it.

Afterwords The fake app keep runs in a device’s background after hiding itself. Though hidden, the adware is configured to show a full-screen ad every 15 or 30 minutes on the user’s device.

Especially some of the apps contains a behavior of monitoring the screen unlocking action and every time it popup the ads screen unlock moment done by user.

All the apps were reported to Google and the apps were removed from Goolge Platstore but developer still earning money from millions of already installed Android Devices.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Master in Wireshark Network Analysis to keep your self-updated.

Also Read:

Beware !! These 22 Malware Apps in Playstore Drained Your Battery & Steal Personal Data – 2M Users Infected

Android Malware in QR Code apps that Downloaded More than 500,000 times from Play Store

Website

Latest articles

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its...

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities...

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio...

Sisence Data Breach, CISA Urges To Reset Login Credentials

In response to a recent data breach at Sisense, a provider of data analytics...

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user...

Cyber Attack Surge by 28%:Education Sector at High Risk

In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average...

Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles