Security News > 2021 > April > Over 750,000 Users Downloaded New Billing Fraud Apps From Google Play Store
Researchers have uncovered a new set of fraudulent Android apps in the Google Play store that were found to hijack SMS message notifications for carrying out billing fraud.
The apps in question primarily targeted users in Southwest Asia and the Arabian Peninsula, attracting a total of 700,000 downloads before they were discovered and removed from the platform.
"Posing as photo editors, wallpapers, puzzles, keyboard skins, and other camera-related apps, the malware embedded in these fraudulent apps hijack SMS message notifications and then make unauthorized purchases," researchers from McAfee said in a Monday write-up.
The fraudulent apps belong to the so-called "Joker" malware, which has been found to repeatedly sneak past Google Play defenses over the past four years, resulting in Google removing no fewer than 1,700 infected apps from the Play Store as of early 2020.
The malware authors typically employ a technique called versioning, which refers to uploading a clean version of the app to the Play Store to build trust among users and then sneakily adding malicious code at a later stage via app updates, in a bid to slip through the app review process.
Cool Girl Wallpaper/SubscribeSDK. Users who have downloaded the apps are urged to check for any unauthorized transactions while also taking steps to watch out for suspicious permissions requested by apps and carefully scrutinize apps before they are installed on the devices.