Newly discovered Fake Android Apps in Google play store that posed as offering security proving unwanted ads and other potential cyber threats to installed user device and collection a lot of sensitive information.
In this case, 35 Malicious Fake Android Apps discovered in official Google Play Store that posed as security apps but it doesn’t contain any of security future.
A lot of these fake security apps are impersonating as security application and show malicious ads to generating revenue.
All the discovered Fake Android Apps installed over 6 Million times in the user devices and these apps are being under the radar for last few years.
Also not all the apps were downloaded manually but some of these applications are downloaded and installed by bots to post positive reviews and improve their respective app’s ratings.
It Mimics as very primitive security checkers relying on a few trivial hardcoded rules and eventually it flag legitimate security apps as malicious.
Also, it creates false alerts to victims as your mobile under potential risk state by malware which actually doesn’t perform any malicious activities.
According to ESET Researchers, among these 35 apps, only a handful stand out for their specific features: one app is not completely free as it offers a paid upgrade; one app has implemented a primitive, easily bypassed, app-locker manager; another app flags other apps from this group as dangerous by default.
All the flagged fake security apps are posed as actual mobile security solutions and it staying under the radar to avoid detection and their app detection mechanisms easy to bypass.
These fake security apps are 4 categories that contain Security-mimicking functionality
Package name whitelist & blacklist
Its Whitelisting Popular apps such as Facebook, Instagram, LinkedIn, Skype and others. its blacklist few apps.
Permissions blacklist
All apps (including legitimate ones) are flagged if they require some of the listed permissions that are considered dangerous, such as send and receive SMS, access location data, access the camera, etc.
Source whitelist
All apps but those from the official Android store, Google Play, are flagged – even if they are completely benign.
Activities blacklist
All apps that contain any of the blacklisted activities: that is, parts of applications. This mainly concerns some ad-displaying activities.
You can Refer the ESET for IOC’s and Fake AntiVirus Apps Name.
The popular network mapping and security auditing tool Nmap has released version 7.96, featuring a…
Cisco has issued an urgent security advisory (ID: cisco-sa-iosxe-privesc-su7scvdp) following the discovery of multiple privilege…
Cisco has issued an urgent security advisory (cisco-sa-twamp-kV4FHugn) warning of a critical vulnerability in its…
OpenCTI (Open Cyber Threat Intelligence) stands out as a free, open source platform specifically designed…
The notorious LockBit ransomware group, once considered one of the world’s most prolific cyber extortion…
A critical security flaw has been discovered in Cisco IOS XE Wireless LAN Controllers (WLCs),…
