Security News > 2022 > October > Android malware droppers with 130K installs found on Google Play
A set of Android malware droppers were found infiltrating the Google Play store to install banking trojans pretending to be app updates.
Malware droppers are a challenging category of apps to stop because they do not contain malicious code themselves and thus can more easily pass Google Play reviews when submitted to the store.
Researchers at Threat Fabric, who discovered the new set of droppers, report a rise in the use of droppers for Android malware distribution precisely because they can offer a stealthy pathway to infecting devices.
Like the SharkBot droppers, these droppers also display a request to install a fake update, this time disguised as a Google Play notice.
The use of droppers has become a reliable method for malware installs to bypass scanners and fraud detection mechanisms; hence their deployment rate is expected to grow further.
"Distribution through droppers on Google Play still remains the most"affordable" and scalable way of reaching victims for most of the actors of different level," warns Threat Fabric.
News URL
Related news
- Germany sinkholes BadBox malware pre-loaded on Android devices (source)
- Germany blocks BadBox malware loaded on 30,000 Android devices (source)
- Android malware found on Amazon Appstore disguised as health app (source)
- BadBox malware botnet infects 192,000 Android devices despite disruption (source)
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Fake Homebrew Google ads target Mac users with malware (source)
- Google blocked 2.36 million risky Android apps from Play Store in 2024 (source)