Beware - another dangerous Android malware has had millions of downloads from the Google Play Store
Infostealing Android malware lurking in the Play Store
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Cybersecurity researchers from Dr. Web have found half a dozen mobile apps lurking inGoogle’sPlay Store, that are actually distributinginforstealers, adware, and other forms of malware viaAndroidapps that between them have more than two million downloads.
The researchers have found five malicious apps, including PIP Pic Camera Photo Editor, a malicious app with more than a million downloads, pretending to be image-editing software. In reality, it steals people’s Facebook credentials.
Other malicious apps include Wild & Exotic Animal Wallpaper, an adware app that replaces its name to SIM Tool Kit, as soon as it’s downloaded (500,000 downloads), ZodiHoroscope - Fortune Finder, another Facebook credential-stealing app (500,000 downloads), PIP Camera 2022, pretending to be a camera effects app (Facebook infostealer with 50,000 downloads), and Magnifier Flashlight, adware with 10,000 downloads.
Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.
Sneaking into legitimate stores
At press time, these apps were still available for download on the Play Store, and judging by the reviews posted on the app repository, people aren’t happy, as apps are quite obviously fraudulent.
Besides these five apps, the researchers found four more which are no longer available to the general public, including a racing game, an app that offers the recovery of deleted photos, a fake state compensation app for the Russian-speaking community, and an app that promises free access to Only Fans.
Over a billion Google Play Store app downloads could be infected by malware>New Google Play Store policy cracks down on call-recording apps>The Google Play Store is littered with dangerous trojans
While these may have been removed from the Play Store, people that have downloaded them in the past are still at risk, until they remove them from their endpoints, using antivirus software, or othermalware-removing solutions.
Security pros were always vocal how people should only download apps from verified sources, but the App Store, or the Play Store, are not immune to cyberattacks. Users should always stay vigilant with their devices, keeping them updated, having an antivirus solution installed, and monitoring incoming and outgoing traffic with firewalls.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Via:BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
How to watch Wolf Hall: The Mirror and the Light FREE online from anywhere
