Security News > 2020 > February > Malicious Optimizers Hosted on Google Play Amassed 470,000 Downloads
Malicious optimizer, booster, and utility applications hosted on Google Play gathered nearly half a million downloads before being taken down, Trend Micro reports.
Four of the apps gathered more than 100,000 downloads each before Google removed them from the official storefront.
The app can also download malware variants or other payloads on the infected device to perform additional ad fraud techniques, including simulating a user clicking on ads for malicious Google Play application.
The malicious payloads can also install rewarded apps from mobile advertising platforms - in a virtual environment, to prevent user detection - and can trick users into enabling accessibility permissions and deactivating Google Play Protect.
"Fraudsters attempt to deceive users by making malicious apps look genuine, so users should do their due diligence before downloading any mobile app. Verifying an app's legitimacy is typically done by checking user-created reviews on the Play Store. However, in this particular case, the malicious app is capable of downloading payloads that can post fake reviews unbeknownst to the user," Trend Micro concludes.
News URL
Related news
- Google Play, Apple App Store apps caught stealing crypto wallets (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)