 |
| Malicious Android app downloaded 2 million times from Google Play is being monitored |
A new batch of malicious Android apps, adware and phishing apps has infiltrated the Google Play Store, tricking more than 2 million users into installing them.
Dr. Antivirus Service. The web found these apps and explained that these apps pretend to be useful utilities and improve system performance, but they are quite the opposite.
D says TubeBox was one such app I found, it's been downloaded a million times and it looks like it was recently removed from the App Store.
TubeBox promised users monetary rewards for watching videos and ads on the app, but never delivered as it showed many errors while trying to retrieve the rewards collected from users. Users who have completed the last withdrawal stage have not received any funds. It is believed that its purpose is to allow users to stay in the app as long as possible, watch ads and generate revenue for the platform. Developer.
Dr. Web says other promotional Android apps that appeared on the Google Play Store last October but have since been removed include the Bluetooth Device Auto-Connect app, which has been downloaded 1 million times, and Bluetooth & Wi-Fi & Drivers, which has 100,000 downloads. Once, Volume & Music Equalizer app has been downloaded 50,000 times and Fast Cleaner & Cooing Master has been downloaded 500 times.
The apps receive commands from Firebase Cloud Messaging, Google's cross-platform messaging and notification platform, and the apps load websites specified in those commands, causing deceptive ads to appear on infected devices.
In the case of the smaller Fast Cleaner & Cooling Master application, a remote operator can configure an infected machine to act as a proxy server, allowing the hacker to route their traffic through the infected machine.
I discovered dr. Web, a collection of credit fraud apps claiming to be directly linked to Russian banks and investment groups, averaging 10,000 downloads each on the Google Play Store.
These apps are promoted through malicious ads within other apps that promise guaranteed investment profits. This is because these apps lead users to phishing websites that collect their personal information.
To prevent rogue apps from appearing on the Google Play Store, users are advised to always check negative reviews, read privacy policies, and visit developer websites to rate their reliability. In general, everyone is advised to keep the number of apps installed on their device to a minimum and regularly check if Google Play Protect is enabled.