Security News > 2022 > July > Malicious Android apps with 300K installs found on Google Play
Cybersecurity researchers have discovered three Android malware families infiltrating the Google Play Store, hiding their malicious payloads inside many seemingly innocuous applications.
The malicious activities suffered by users who installed the malware apps included stolen data, social media account takeovers, SMS interception, and unauthorized charges to their mobile numbers.
The analysts informed Google of their findings, and all apps have since been removed from the Play Store.
Almost half of them are communication apps because these naturally require users to grant access to risky permissions, so it's easier for the malware to acquire the high-level privileges needed for its malicious operation.
"Many Joker apps hide the payload in the assets folder of the Android Package Kit and creates an ARM ABI executable to avoid detection by most sandboxes which are based on x86 architecture," explains Zscaler in the report.
To keep the chances of installing a malicious app from the Google Play Store, only install the absolutely essential applications, read reviews before installing an app to see if anyone found malicious behavior, and trust only large well-known publishers.
News URL
Related news
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Google blocked 2.36 million risky Android apps from Play Store in 2024 (source)
- Google Bans 158,000 Malicious Android App Developer Accounts in 2024 (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)
- Google Play, Apple App Store apps caught stealing crypto wallets (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification (source)