Security News > 2021 > April > Android malware found embedded in APKPure store application
Security researchers found malware embedded within the official application of APKPure, a popular third-party Android app store and an alternative to Google's official Play Store.
The malware was discovered by Kaspersky and Dr.Web malware analysts embedded within an advertisement SDK included with APKPure version 3.7.18.
"The identified malicious code embedded in APKPure operates in the following way: upon launch of the application, the payload is decrypted and launched," Kaspersky said.
The damage inflicted by this trojan varies depending on the Android version running on the compromised devices, ranging from being signed up for paid subscriptions and seeing intrusive ads on current versions to having unremovable malware like xHelper deployed on the system partition.
While no official download stats are available for the APKPure app, Kaspersky says that it has so far blocked the malware on the devices of 9,380 Android users running its security solutions on their devices.
Indicators of compromise, including APKpure app, payload, and malware sample hashes, are available at the end of Kaspersky's report.
News URL
Related news
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)
- New Vo1d malware infects 1.3 million Android streaming boxes (source)