Security News > 2022 > January > ‘Dark Herring’ Billing Malware Swims onto 105M Android Devices
Nearly 500 malicious apps lurking on the Google Play Store have successfully installed Dark Herring malware - a cash-stealer intended to add sneaky charges onto mobile carrier bills - on more than 100 million Android devices across the globe.
Dark Herring malware was discovered by a research team with Zimperium, who estimate the amount the campaign has been able to steal totals in the hundreds of millions, in increments of $15 a month per victim.
"The download statistics reveal that more than 105 million Android devices had this malware installed, falling victim to this campaign globally, potentially suffering incalculable financial losses," Zimperium's report said.
The Zimperium analysts who identified Dark Herring said that the scamware is likely the work of a new group, which uses novel techniques and infrastructure.
Dark Herring's triumph was the result of a combination of savvy tactics, the analysts said; namely, the use of geo-targeting to deliver the application in the victim's native language.
The group behind Dark Herring also managed to stand up 470 high-quality applications that passed official app store muster, which demonstrates that this is a sophisticated operation, analysts noted.
News URL
https://threatpost.com/dark-herring-billing-malware-android/178032/
Related news
- SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps (source)
- New Android malware steals your credit cards for NFC relay attacks (source)
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)
- Russian army targeted by new Android malware hidden in mapping app (source)
- Android malware Crocodilus adds fake contacts to spoof trusted callers (source)