A fresh wave of Android malware has arrived. Bitdefender researchers have discovered 35 apps that are a part of this operation. The apps change their name and icon after installation in order to covertly offer aggressive adverts, and they exploit false pretenses to entice users to install them. On the Google Play Store, they have received over two million downloads altogether.

TWO MILLION DOWNLOADS OF THIS ANDROID MALWARE CAMPAIGN HAVE BEEN RECOVERED SO FAR. One of the apps is published on the Play Store with the name GPS Location Maps and has received over 100k downloads, according to the new study report. Unaware consumers download it in the hopes that it will provide navigational assistance. However, after installation, the program adopts the same icon as the default Settings app and changes its name to Settings. The user experience is then hampered by the display of aggressive web pages and advertisements.

After installation, some malicious programs ask for permission to disable the battery optimization option. If permitted, they can use foreground services to maintain their existence. When all active apps are closed, you cannot kill them. Some of them even request authorization to appear over other programs. The researchers anticipate that this might give threat actors the ability to replicate user clicks and generate revenue from advertisements.

Advertisement It’s challenging for consumers to recognize the apps because they employ fictitious names and icons. Of course, you’d assume that one of the Settings icons in your app drawer is a phony if there were two of them. However, the criminals behind this virus operation have already considered that and have given the program a trick to make sure it isn’t detected. The system Settings app is launched when you start the app, which opens at 0 size in the bottom-right corner of the screen. By doing this, users are led to believe that the software is legitimate.

These apps conceal themselves from recently used apps as a further deception technique. They don’t appear in your phone’s list of recently used apps. Therefore, examining all of the open apps won’t help you catch them. In order to make reverse engineering challenging, the makers of these programs incorporated significant code obfuscation and encryption, as the researchers say ( via ) pointed out.

STOP USING THESE 35 APPS RIGHT AWAY. As was previously mentioned, 35 Android apps were found to be a part of this malware campaign by Bitdefender experts. The list also contains the following applications in addition to the aforementioned GPS Location Maps. These apps appear to have been taken down by Google from the Play Store. Some consumers might still have them on their phones, though, as there have already been two million installs. See if any of them are included in the list of installed apps on your device. If you do, take them out right away.

Advertisement

SHARE
TWEET

You may also like