Security News > 2022 > January > ‘Dark Herring’ Billing Malware Swims onto 105M Android Devices
Nearly 500 malicious apps lurking on the Google Play Store have successfully installed Dark Herring malware - a cash-stealer intended to add sneaky charges onto mobile carrier bills - on more than 100 million Android devices across the globe.
Dark Herring malware was discovered by a research team with Zimperium, who estimate the amount the campaign has been able to steal totals in the hundreds of millions, in increments of $15 a month per victim.
"The download statistics reveal that more than 105 million Android devices had this malware installed, falling victim to this campaign globally, potentially suffering incalculable financial losses," Zimperium's report said.
The Zimperium analysts who identified Dark Herring said that the scamware is likely the work of a new group, which uses novel techniques and infrastructure.
Dark Herring's triumph was the result of a combination of savvy tactics, the analysts said; namely, the use of geo-targeting to deliver the application in the victim's native language.
The group behind Dark Herring also managed to stand up 470 high-quality applications that passed official app store muster, which demonstrates that this is a sophisticated operation, analysts noted.
News URL
https://threatpost.com/dark-herring-billing-malware-android/178032/
Related news
- TrickMo malware steals Android PINs using fake lock screen (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Cyber crooks push Android malware via letter (source)