More Android malware found on Google Play

More Android Malware Found on Google Play

Cybersecurity Researcher Discovered by ZscalerThreatLabz Yet another batch Android malware published on the Google Play store and downloaded by hundreds of thousands of users before it was removed..This group It contains dozens of apps that hide three major malware strains: Joker, Facestealer, and Coper.

Sounds like Batman’s rogue gallery, but these are With three dangerous malware that perform multifaceted attacks It can compromise your personal data, steal login information, trick unwanted financial transactions, and allow hackers full remote. Control of infected devices..

Joker, Face Stealer, Do you do Coper?

Like most Android malware, the problematic app was a Trojan horse. This looks harmless, but it is software that secretly contains malware. Some apps in Zscaler’s report used sophisticated tactics to circumvent Google Play’s anti-malware inspection, while others sideloaded malware after the app was installed. Some people can even use these techniques to bypass anti-malware on their devices.

Of the three types of malware, Joker accounted for the majority of infections and appeared in 50 apps with a total download of over 300,000. It’s not surprising that Joker was the overwhelming majority of attacks. It’s a prolific malware that is Commonly used For Wireless Application Protocol (WAP) Scamamong them Victims sign up for unwanted subscription services through their mobile operator. These attacks do not require direct access to bank or credit card information. Instead, it relies on the mobile data of the infected device to subscribe to the service via phone charges.

Most of the joker apps included in this batch of malware were messaging and communication apps that access the text messaging and mobile data features of mobile phones to purchase premium subscriptions. Then intercept and remove the confirmation text from the service you signed up for. Check app permissions Is a common way to find dangerous software, but communication apps that require SMS or mobile data-related permissions don’t look out of place, so affected users must carefully check all items to get unwanted services. You may not realize that you are paying for. For their monthly phone bill.

The Joker app also uses personal data used for WAP scams for other attacks, such as social media and bank account intrusions, Genuine The bunch of identity thieves are Facestealer.

Many legitimate apps require a Facebook, Twitter, Google, or Apple ID, but the Facestealer app Fake social media login screen stealing login information.. Spoofing login screens are usually loaded directly into the app and look real, so it’s easy to overlook them. Hackers then use your login information to hijack your account and spread more malware to your friends via messages, or worse, soak up personal information that helps them steal your identity. There is a possibility that it will happen. Zscaler found Facestealer in one app, Vanilla Snap Camera, which has only been downloaded 5,000 times, but there is almost no doubt that there are other Facestealer Trojans disguised as real apps on Google Play.

The last piece of malware, Coper, also targets personal data and login information. You can read text entries on your keyboard, try to trick you with a fake login screen, or access and read text.All this stolen data will be quietly shared and launched with the creator of the app Phishing, Fishing,Furthermore SIM swapping attack.. Coper is dangerous, but fortunately it is only associated with Unicc QR Scanner, a single app with about 1,000 downloads. However, the danger here is that the malware isn’t really hidden in the app’s code, it’s sideloaded by fake app updates. This is a common tactic used to completely circumvent Google Play’s anti-malware scans, as hackers only add malware later.

How to stay safe

For a complete list of malicious apps and how they carried out the attack Zscaler Report.. Fortunately, all the offending apps have been removed from Google Play and disabled on devices downloaded from the Play Store.

But it’s only a matter of time another Android malware round It was discovered. You should always protect yourself from possible threats.

We’ve described the best ways to protect your Android devices, social media accounts, and other personal data. All kinds of scams, hacks, leaks.. However, for Android apps, the best way to be secure is to install only apps from well-known and trusted publishers and download only from verified sources such as Google Play Store, APK Mirror, XDA Developers, etc. That is.

If you’re downloading an app from an unknown publisher, first read the reviews to find out about your app online. However, there is no reason to download an alternative text, camera, or QR code scanning app unless the app offers features not available from mainstream publisher apps. Especially if you can do all this with built-in features. Is attached.

[Bleeping Computer]