Security News > 2022 > November > These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites
A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and information-stealing campaign.
The apps, published by a developer named Mobile apps Group and currently available on the Play Store, have been collectively downloaded over one million times.
According to Malwarebytes, the websites are designed to generate revenues through pay-per-click ads, and worse, prompt users to install cleaner apps on their phones with the goal of deploying additional malware.
It's no surprise that malicious apps have devised new ways to get past Google Play Store security protections.
Malwarebytes' analysis found the apps to have an approximately four-day waiting period before opening the first phishing site in Chrome browser, and then proceed to launch more tabs every two hours.
The apps are part of a broader malware operation called HiddenAds, which has been active since at least June 2019 and has a track record of illicitly earning revenues by redirecting users to advertisements.
News URL
https://thehackernews.com/2022/11/these-android-apps-with-million-play.html