More Android Malware Found on Google Play

Cybersecurity researchers at Zscaler ThreatLabz discovered another batch of Android malware that was openly available on the Google Play store and downloaded by hundreds of thousands of users before it was removed. This group includes dozens of apps hiding three main strains of malware: Joker, Facestealer, and Coper.

Although the names sound like a Batman rogues' gallery, these are three dangerous malware families that carry out multi-faceted attacks and can compromise personal data, steal login information, trick you into unwanted financial transactions, and even give hackers complete remote control over infected devices.

What can Joker, Facestealer and Coper do?

Like most Android malware, the offending apps were Trojans, programs that look harmless but actually contain malware. Some of the apps in the Zscaler report used sophisticated tactics to bypass Google Play’s malware checks, while others downloaded malware after the app was installed. Some of them can even bypass the antivirus software on the device using these methods.

Of the three types of malware, the majority of infections come from Joker, which appeared in 50 apps with a total of over 300,000 downloads. Unsurprisingly, Joker also performed the vast majority of the attacks; it is a widespread malware family commonly used for Wireless Application Protocol (WAP) scams, where victims are signed up for unwanted subscription services through their mobile carrier. These attacks do not require direct access to your bank or credit card information; instead they rely on the infected device's mobile data to sign up for services that are charged to your phone bill.

Most of the Joker apps in this batch were messaging and communication apps that access your phone's texting and mobile data features to purchase premium subscriptions, and then intercept and delete any confirmation texts from the services they subscribe you to. Reviewing app permissions is a common way to detect dangerous software, but a communications app asking for permissions related to SMS and mobile data doesn't seem out of place, so affected users may not know they're paying for unwanted services unless they vigilantly review every item on their monthly phone bill.

Joker apps will also use the personal data they use for WAP scams in other attacks, such as hacking into your social media and bank accounts, but the real identity thief in this group is Facestealer.

Many legitimate apps require a Facebook, Twitter, Google, or Apple ID, but Facestealer apps use fake social media login screens that steal your login information. Fake login screens are usually loaded directly into the app and look like the real thing, so they're easy to miss. Hackers can then use your login information to hijack your account, spread malware to your friends via messages, or worse, siphon personal information that could help them steal your identity. Zscaler found Facestealer in only one app, Vanilla Snap Camera, which had only 5,000 downloads, but there are almost certainly other Facestealer trojans masquerading as real apps on Google Play.

The latest malware, Coper, also targets your personal details and login information. It can read what you type on your keyboard, tries to trick you with fake login screens, and even accesses and reads your texts. All of this stolen data is then surreptitiously passed on to the app's creators to launch attacks using smishing, phishing, and even SIM spoofing. Coper is dangerous, but luckily it is associated with only one app, Unicc QR Scanner, which has had around 1,000 downloads. However, the danger here is that the malware was not actually hidden in the application code, but was loaded via a fake app update. This is a common tactic that hackers use to completely bypass Google Play's malware scans, since they can simply add the malware later.
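
An added example, not from the Zscaler report or the original article: the permission review described for the Joker apps, plus the package-install permission an in-app "update" would need if it installs an APK (an assumption about how such an update is delivered), as a small triage over a constructed app inventory. The rule names, the category allowances and the `com.example.*` packages are assumptions for illustration; the permission names are real Android ones.

```python
# Added example: permission triage for the behaviours described above.
# Rule-to-behaviour mapping and sample inventory are assumptions.
P = "android.permission."
RULES = {
    "sms-intercept": {P + "RECEIVE_SMS", P + "READ_SMS"},
    "mobile-data-control": {P + "CHANGE_NETWORK_STATE"},
    "installs-packages": {P + "REQUEST_INSTALL_PACKAGES"},
}
# Rules a reviewer would normally wave through for a given store category.
EXPECTED = {"communication": {"sms-intercept", "mobile-data-control"}}

# Constructed inventory: package | store category | requested permissions
INVENTORY = """\
com.example.messenger|communication|RECEIVE_SMS,READ_SMS,SEND_SMS,CHANGE_NETWORK_STATE,INTERNET
com.example.qrscan|tools|CAMERA,INTERNET,REQUEST_INSTALL_PACKAGES
com.example.notes|productivity|INTERNET
"""

def parse(text):
    """Turn the pipe-separated inventory into {package: (category, perms)}."""
    apps = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        pkg, category, perms = (f.strip() for f in line.split("|"))
        apps[pkg] = (category, {P + p for p in perms.split(",") if p})
    return apps

def triage(apps, excuse_by_category):
    """Return {package: [matched rules]}; optionally drop category-typical rules."""
    findings = {}
    for pkg, (category, perms) in apps.items():
        hits = {name for name, need in RULES.items() if need <= perms}
        if excuse_by_category:
            hits -= EXPECTED.get(category, set())
        if hits:
            findings[pkg] = sorted(hits)
    return findings

if __name__ == "__main__":
    apps = parse(INVENTORY)
    print("category-aware:", triage(apps, True))
    print("category-blind:", triage(apps, False))
```

Excusing permissions by store category clears the constructed messenger, which is the blind spot the article describes; the category-blind pass still lists it for manual review.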

How to stay safe

You can find the full list of malicious applications and how they carried out their attacks in the Zscaler report. The good news is that all offending apps have been removed from Google Play and disabled on devices that downloaded them from the Play Store.

However, it is only a matter of time before more Android malware is discovered. You must always protect yourself from possible threats.

We've covered the best ways to protect Android devices, social media accounts, and other personal data from all sorts of scams, hacks, and leaks. But when it comes to Android apps, the best way to be safe is to only install apps from reputable and trusted publishers, and only download them from trusted sources like the Google Play Store, APK Mirror, or XDA Developers.

If you decide to download an app from an unknown publisher, be sure to read the reviews first and research the app online. However, unless the app offers features that you simply can't get in a major publisher's app, there's no reason to download alternative text messaging, camera, or QR code scanning apps, especially if your phone can do it all with the built-in features it comes with.

[Bleeping Computer]