Wednesday, March 16, 2022

The Google Play Store is littered with dangerous trojans

The Google Play Store is reportedly littered with trojans and malware-infected apps that are stealing sensitive information, and money, from unsuspecting victims.

Cybersecurity researchers from Dr. Web recently analyzed the state of the mobile app store, and found that the number of trojanized apps (seemingly legitimate applications, carrying trojans either directly within code, or by means of “updates” or “addons”) is “spiking”.

In most cases, the compromised apps are either cryptocurrency wallets and management apps, investment app clones, or photo editors. While Google managed to remove most of the apps from the store already, some persisted, with one of the apps from the list - Top Navigation - still available on the Play Store at press time.

TechRadar needs you!

We're looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn't take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.

>> Click here to start the survey in a new window <<

That app, together with another one from the same developer - called Advice Photo Power, have been downloaded more than 600,000 times, although the users don’t seem to be all too pleased with the apps, judging by the comments.

Squeezing past Google's defenses

When they’re not stealing sensitive data, these apps will load affiliate service sites, or trick people into enabling paid subscriptions.

But squeezing a malicious app into Google Play Store - and keeping it there - is a difficult task. That’s why threat actors also use other online communities, such as websites, forums, or social media channels, to distribute the apps. 

Dr. Web’s report says that one of the most significant threats this year - various WhatsApp mods - were distributed just like that. These mods include GBWhatsApp, OBWhatsApp, or WhatsApp Plus, which claim to offer support for additional languages, home screen widgets, call blocking, or other features that aren’t available in the actual app. 

Once installed, some of these apps will even download additional malicious APKs, claiming that they’re downloading an update.

To keep the Android device safe from various threats, users should stay away from downloading apps from third-party sources, make sure to always read comments and reviews before downloading an app from the Play Store, to pay attention to the permissions each new app is asking for, watch for any unexpected battery drain, and to monitor all of the online purchases made by various mobile apps, researchers have warned.

Via: BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/jxQ6GSz

No comments:

Post a Comment

Microsoft could tempt PC gamers away from Chrome with nifty new ‘Game Assist’ mode for its Edge browser

Game Assist mode is part of the Game Bar and is now in testing It pops up a compact Edge panel right in your gaming session You can loo...