Security News > 2023 > May > Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads
A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since 2022.
Kaspersky, which identified 11 apps on the official app storefront, said the malware masqueraded as legitimate photo editing apps, camera, and smartphone wallpaper packs.
In a sign that Fleckpe is being actively developed, recent versions of the malware have moved most of the malicious functionality to the native library in a bid to evade detection by security tools.
This is not the first time subscription malware has been found on the Google Play Store.
While such apps are not as dangerous as spyware or financial trojans, they can still incur unauthorized charges and be repurposed by its operators to harvest a wide range of sensitive information and serve as entry points for more nefarious malware.
The findings are yet another indication that threat actors are continuing to discover new ways to sneak their apps onto official app marketplaces to scale their campaigns, requiring that users exercise caution when downloading apps and granting permissions to them.
News URL
https://thehackernews.com/2023/05/fleckpe-android-malware-sneaks-onto.html
Related news
- Free VPN apps on Google Play turned Android phones into proxies (source)
- Google rejected 2.28 million risky Android apps from Play store in 2023 (source)
- PixPirate Android malware uses new tactic to hide on phones (source)
- Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites (source)
- Google's new AI search results promotes sites pushing malware, scams (source)
- Apps secretly turning devices into proxy network nodes removed from Google Play (source)
- Vultur banking malware for Android poses as McAfee Security app (source)
- Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies (source)
- Google rolls out new Find My Device network to Android devices (source)
- SoumniBot malware exploits Android bugs to evade detection (source)