Security News > 2021 > December > 300.000+ users downloaded malware droppers from Google Play

300.000+ users downloaded malware droppers from Google Play
2021-12-01 12:23

Since August 2021, malware peddlers have managed to spread four families of Android banking trojans via malware droppers introduced in Google Play.

They did it by employing a series of tricks to bypass the app store's restrictions, evade automatic detection, and trick users into believing the apps they downloaded are legitimate and innocuous.

According to researchers from fraud prevention outfit ThreatFabric, the malware droppers posed as PDF scanners, QR code scanners, cryptocurrency apps, self-training, authenticator, and security apps, and were collectively downloaded over 310,000 times.

Malware peddlers introduce droppers into Google Play, masquerading as helpful apps that are actually working2.

Potential victims are tricked into downloading the initial droppers because the usual advice for vetting apps - checking out user comments, avoiding apps with a small number of downloads, checking out the app website - doesn't work here.

"Actors behind it took care of making their apps look legitimate and useful. There are large numbers of positive reviews for the apps. The number of installations and presence of reviews may convince Android users to install the app," they concluded.


News URL

https://www.helpnetsecurity.com/2021/12/01/droppers-google-play/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 141 994 4922 2872 1623 10411