Several malicious Google Play Android apps installed over 2 million times push intrusive ads to users while concealing their presence on the infected devices. In their latest monthly mobile threat report, Doctor Web's analysts identified trojans on Google Play associated with the 'FakeApp,' 'Joker,' and the 'HiddenAds' malware families. Dr. Web explains that once victims install these apps on their devices, they hide by replacing their icons with that of Google Chrome or using a transparent icon image to create empty space in the app drawer. These apps run stealthily in the background upon launch, abusing the browser to launch ads and generate revenue for their operators. The analysts also discovered several apps belonging to the FakeApp family, which direct users to investment scam sites. In other cases, Dr. Web spotted game apps that loaded dubious online casino websites in violation of Google Play policies. All the apps presented in this report have been removed from Google Play by the time of writing. Still, users who might have installed them in the past must delete them immediately and perform a complete device scan using Play Protect and a mobile antivirus tool. Dr. Web has also published a list of hashes for all malicious Android apps its analysts discovered last month on GitHub. To avoid downloading malicious software from Google Play, minimize the apps you install to the minimum required, carefully read user reviews, and perform checks to ensure the publisher is trustworthy. Google Play Protect adds real-time scanning to fight Android malware. Roid October security update fixes zero-days exploited in attacks. SpyNote Android malware spreads via fake volcano eruption alerts. Fake 'RedAlert' rocket alert app for Israel installs Android spyware. Roid malware Xenomorph runs new campaign targeting the U.S..
This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000