
Security researchers at Malwarebytes have published a report on a group of malicious apps found on the Google Play store, which have collectively amassed over one million downloads. The apps are disguised to look like Bluetooth connectivity and mobile data transfer software but contain malware known as HiddenAds, which is designed to open malicious phishing websites.

The apps come from a developer group named “Mobile apps Group” on the Google Play store, which has previously had malware removed from the store.

The Mobile apps Group’s page on the Google Play store shows their multiple malicious apps. Source: https://www.malwarebytes.com/blog/news/2022/11/malware-on-the-google-play-store-leads-to-harmful-phishing-sites

The researchers found that the apps are designed to delay displaying malicious behaviour for several days after the user has downloaded the app, a common tactic used by malware to evade detection.
After the delay, the malware opens various phishing sites in Chrome. These sites are opened in the background, even when the device is locked. Some phishing sites distributed by the malware push users to install more malware that can supposedly improve device performance or help remove viruses.

Malwarebytes found that one of the apps, Bluetooth Auto Connect, has been repeatedly infected with the HiddenAds malware since 2020.

The discovery of these malicious apps is not the first time malware has been seen on the Google Play store. Researchers at McAfee published a blog post in July 2022 detailing the malicious activities of several apps also infected by the HiddenAds malware. These apps were posted by several different developers, and some of the apps had been downloaded over 500,000 times.

If you have downloaded any of the applications found by Malwarebytes, it is highly recommended that you delete them.

To keep your Android phone safe from malware, avoid installing apps from unofficial Android stores, read user reviews before installing apps, and keep Google’s Play Protect feature enabled.

Google has provided a list of steps to take if you think your Android phone has been infected with malware.
