Security News > 2022 > October > Android malware droppers with 130K installs found on Google Play
A set of Android malware droppers were found infiltrating the Google Play store to install banking trojans pretending to be app updates.
Malware droppers are a challenging category of apps to stop because they do not contain malicious code themselves and thus can more easily pass Google Play reviews when submitted to the store.
Researchers at Threat Fabric, who discovered the new set of droppers, report a rise in the use of droppers for Android malware distribution precisely because they can offer a stealthy pathway to infecting devices.
Like the SharkBot droppers, these droppers also display a request to install a fake update, this time disguised as a Google Play notice.
The use of droppers has become a reliable method for malware installs to bypass scanners and fraud detection mechanisms; hence their deployment rate is expected to grow further.
"Distribution through droppers on Google Play still remains the most"affordable" and scalable way of reaching victims for most of the actors of different level," warns Threat Fabric.
News URL
Related news
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Fake Homebrew Google ads target Mac users with malware (source)
- Google blocked 2.36 million risky Android apps from Play Store in 2024 (source)
- Google Bans 158,000 Malicious Android App Developer Accounts in 2024 (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)