Saturday, July 13, 2024

Malicious Android Apps on Google Play With Over 2 Million Installs

Several recently discovered malicious apps on Google Play have been found to display intrusive advertisements to users, with a total of over 2 million installations. These trojans attempt to hide themselves from users of Android smartphones after being installed.

According to detection statistics collected by Dr.Web for Android, the following trojans were detected, such as:

  • FakeApp trojan app – Employed in various fraudulent schemes
  • Joker Trojans – Force users to subscribe to paid services
  • HiddenAds – Display annoying ads

New Malicious Apps On Google Play

Threat actors are disseminated in the form of games like Agent Shooter, Rainbow Stretch, Rubber Punch 3D, and Super Skibydi Killer via HiddenAds Trojans. After being installed on Android smartphones, these trojans attempted to conceal themselves from users.

According to statistics collected by Dr.Web for Android #drweb
According to statistics collected by Dr.Web for Android #drweb
Agent Shooter (500k+ installs), Rainbow Stretch (50k+ installs)

“They replaced their icons, located on the home screen menu, with transparent versions and also changed their names so they were left blank,” according to Dr. Web’s report.

They may even replace their icons with the matching replica to make it appear like they were using Google Chrome. When users tap on such an icon, these trojans start the browser and keep running in the background. 

This reduces the chance that they may be removed too soon and makes them less noticeable. Furthermore, if these malicious applications fail to function, users will restart them, believing they are starting a browser.

Rubber Punch 3D(500k+ installs), Super Skibydi Killer (1M+ installs)
Rubber Punch 3D(500k+ installs), Super Skibydi Killer (1M+ installs)

Under the FakeApp family, other fake apps are distributed as financial software, such as apps for stock trading, guides and reference books, home accounting, etc.

“Their primary objective was to load fraudulent sites where potential victims were encouraged to become “investors,” reads the report.

Further, cybercriminals have used other fake applications to pose as various gaming apps. These may work as games in some situations, but their primary purpose was to load online casino websites.

Here are a few apps: Eternal Maze with 50k+ installs, Jungle Jewels with 10k+ installs, Steller Secrets with 10k+ installs, Fire Fruits with 10k+ installs, and much more.

One of the Joker family was disseminated as Love Emoji Messenger, an internet messenger, while another one was disguised as the image-collecting app called Beauty Wallpaper HD.

Please pay attention to reviews and ensure your Android phone has an antivirus installed to shield it against viruses and malicious apps.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Try a free trial to ensure 100% security.


Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles