Security News > 2022 > January > ‘Dark Herring’ Billing Malware Swims onto 105M Android Devices
Nearly 500 malicious apps lurking on the Google Play Store have successfully installed Dark Herring malware - a cash-stealer intended to add sneaky charges onto mobile carrier bills - on more than 100 million Android devices across the globe.
Dark Herring malware was discovered by a research team with Zimperium, who estimate the amount the campaign has been able to steal totals in the hundreds of millions, in increments of $15 a month per victim.
"The download statistics reveal that more than 105 million Android devices had this malware installed, falling victim to this campaign globally, potentially suffering incalculable financial losses," Zimperium's report said.
The Zimperium analysts who identified Dark Herring said that the scamware is likely the work of a new group, which uses novel techniques and infrastructure.
Dark Herring's triumph was the result of a combination of savvy tactics, the analysts said; namely, the use of geo-targeting to deliver the application in the victim's native language.
The group behind Dark Herring also managed to stand up 470 high-quality applications that passed official app store muster, which demonstrates that this is a sophisticated operation, analysts noted.
News URL
https://threatpost.com/dark-herring-billing-malware-android/178032/
Related news
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)