Security News > 2023 > May > Android apps with spyware installed 421 million times from Google Play
A new Android malware distributed as an advertisement SDK has been discovered in multiple apps, many previously on Google Play and collectively downloaded over 400 million times.
In the background the trojan SDK checks the Android device's sensor data to confirm that it's not running in a sandboxed environment, commonly used by researchers when analyzing potentially malicious Android apps.
All but one of the above apps have been removed from Google Play, indicating that Google received reports about the malicious SDK and removed the offending apps until the developers submitted a clean version.
If you use any of the apps listed above, you should update to the latest version available via Google Play, which should be clean.
New Chameleon Android malware mimics bank, govt, and crypto apps.
Roid malware infiltrates 60 Google Play apps with 100M installs.
News URL
Related news
- New North Korean Android spyware slips onto Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Malicious Android 'Vapor' apps on Google Play installed 60 million times (source)
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- How Google tracks Android device users before they've even opened an app (source)
- Google fixes Android zero-day exploited by Serbian authorities (source)
- Google expands Android AI scam detection to more Pixel devices (source)
- Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud (source)
- Google Gemini's Astra (screen sharing) rolls out on Android for some users (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)