Malicious Apps hosted in Google play store is a never ending process, researchers from Zsclarer and ESET reported dozens of the app that contain aggressive adware strains.
These fake mods reached up to 990,000 installs and they were split into two categories
These components only have necessary modules for installation, once it launched it seeks for admin permission.
If admission permission provided it will launch “INSTALLER MOD” to install additional modules “Block Launcher Pro” with several admin rights.
Upon installing it brings the user to dead end – a static Minecraft-themed screen with no clickable elements displayed on the screen,14 apps impersonating Minecraft mods with up to 80,000 installs has been discovered by ESET.
It just uses the old trick, once it launched it shows the download button. If the user clicks the download button it will take them to scam websites showing a various range of advertisements.
Remaining 73 apps fall into this category and they have reached up to 910,000 installs before they reported.
Four out of the 12 applications that were accounted for this suspicious activity have been downloaded in between 10,000 to 50,000 times.
In order to hide from Google’s Antivirus system, these apps will not show any activity for first six hours.
These apps once installed will communicate with the predefined C&C server to get instructions. The C&C server issue commands to the app to display various advertisements on the device.
Also Read:
Some router models have identified a security vulnerability that allows attackers to bypass authentication. To exploit this vulnerability, an attacker…
Hackers often target CrushFTP servers as they contain sensitive data and are used for file sharing and storage. This makes…
DDoS attacks are a significant and growing risk that can overpower websites, crash servers, and block out authorized users with…
Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine.…
In a historic move, Microsoft has made the source code for MS-DOS 4.0, one of the most influential operating systems…
A new attack campaign has been discovered to be employed by the FROZEN#SHADOW, which utilized SSLoad malware for its operations…