Security News > 2022 > December > Android malware apps with 2 million installs spotted on Google Play
A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them.
One app illustrated by Dr. Web that has amassed one million downloads is TubeBox, which remains available on Google Play at the time of writing this.
The above apps receive commands from Firebase Cloud Messaging and load the websites specified in these commands, generating fraudulent ad impressions on the infected devices.
Finally, Dr. Web discovered a set of loan scam apps claiming to have a direct relationship with Russian banks and investment groups, each having an average of 10,000 downloads on Google Play.
These apps were promoted via malvertizing through other apps, promising guaranteed investment profits.
In general, try to keep the number of installed apps on your device at a minimum and periodically check and ensure that Google's Play Protect feature is active.
News URL
Related news
- New Crocodilus malware steals Android users’ crypto wallet keys (source)
- Counterfeit Android devices found preloaded With Triada malware (source)
- Triada Malware Preloaded on Counterfeit Android Phones Infects 2,600+ Devices (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
- SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps (source)
- Google adds Android auto-reboot to block forensic data extractions (source)
- New Android malware steals your credit cards for NFC relay attacks (source)
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)
- Russian army targeted by new Android malware hidden in mapping app (source)