Security News > 2023 > May > Android apps with spyware installed 421 million times from Google Play
A new Android malware distributed as an advertisement SDK has been discovered in multiple apps, many previously on Google Play and collectively downloaded over 400 million times.
In the background the trojan SDK checks the Android device's sensor data to confirm that it's not running in a sandboxed environment, commonly used by researchers when analyzing potentially malicious Android apps.
All but one of the above apps have been removed from Google Play, indicating that Google received reports about the malicious SDK and removed the offending apps until the developers submitted a clean version.
If you use any of the apps listed above, you should update to the latest version available via Google Play, which should be clean.
New Chameleon Android malware mimics bank, govt, and crypto apps.
Roid malware infiltrates 60 Google Play apps with 100M installs.
News URL
Related news
- Free VPN apps on Google Play turned Android phones into proxies (source)
- Apps secretly turning devices into proxy network nodes removed from Google Play (source)
- Google: Spyware vendors behind 50% of zero-days exploited in 2023 (source)
- Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies (source)
- Google rolls out new Find My Device network to Android devices (source)
- 'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan (source)
- Google rejected 2.28 million risky Android apps from Play store in 2023 (source)
- Google now pays up to $450,000 for RCE bugs in some Android apps (source)
- Bug hunters can get up to $450,000 for an RCE in Google’s Android apps (source)