Credential Stuffing Surge Targets Businesses and Individuals.
The recent surge in credential stuffing attacks highlighted by Okta serves as a stark reminder of the importance of robust cyber security practices. These attacks…
Researchers find malicious adware Android apps on the Google Play store
Security researchers at Malwarebytes have published a report on a group of malicious apps found on the Google Play store, which has collectively amassed over one million downloads. The apps are disguised to look like Bluetooth connectivity and mobile data transfer software but contain malware known as HiddenAds, which is designed to open malicious phishing websites.
The apps come from a group named “Mobile apps Group” on the Google Play store, which previously had malware removed from the store.
The researchers found that the apps are designed to delay displaying malicious behaviour for several days after the user has downloaded the app, a common tactic used by malware to evade detection.
After the delay, the malware opens various phishing sites in Chrome. These sites are opened in the background, even when the device is locked. Some phishing sites distributed by the malware push users to install more malware that can supposedly improve device performance or help remove viruses.
Malwarebytes traced one of the apps, Bluetooth Auto Connect, to have been repeatedly infected with the HiddenAds malware since 2020.
The discovery of these malicious apps is not the first time malware has been seen on the Google Play store. Researchers at McAfee published a blog in July 2022 detailing the malicious activities of several apps also infected by the HiddenAds malware. These apps were posted by several different developers, some of which had been downloaded over 500,000 times.
If you have downloaded any of the applications found by Malwarebytes, it is highly recommended that you delete them.
To keep your Android phone safe from malware, avoid installing apps from unofficial Android stores, read user reviews before installing apps, and keep Google’s Play Protect feature enabled.
Google has provided a list of steps to take if you think your Android phone has been infected with malware which can be found here.
Related Links:
Related articles
Cisco Firewall Vulnerabilities: Urgent Action Needed to Protect Against State-Sponsored Espionage
Businesses and organisations relying on Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defence (FTD) firewalls are being advised to take immediate action to protect…
Cybercriminals Threaten Release of Sensitive World-Check Database
A recent cyber attack has resulted in a serious data breach affecting the World-Check database, a critical tool used by financial institutions and other organisations…