CYBERSECURITY researchers have warned Android owners over 10 apps that are being targeted and injected with bank raiding malware.
The batch of problematic apps was exposed as part of a wider investigation by Bitdefender into an eyewatering 60,000 malicious Android apps.
1
These apps are entwined in a campaign designed to aggressively push adware – malware that hides inside adverts – with the purpose of driving revenue, according to the cybersecurity firm.
Websites can earn revenue when visitors engage with their ads, which is why fraudsters often use adware and persistent ads as a money-making tactic.
However, the scammer behind this particular threat campaign has been found to redirect users to other types of malware, such as banking Trojans that can steal financial details.
The cyber crook is targeting so-called ‘modded’ apps on the Google Play store, according to Bitdefender.
Modded apps are made by individual programmers from unofficial companies, outside of regulations, and often show a lot of ads to serve free premium services or features which the original app doesn’t offer.
In a bid to lure unsuspecting users into downloading the malware, the person behind the scheme is hiding behind popular or sought after apps you can’t find on the official Google Play Store, researchers found.
“The distribution is organic… modded apps are a hot commodity, with websites dedicated entirely to offering these types of packages,” according to researchers.
The scammer then sneakily installs the malware with a time-delay so any suspicious activity flies under the radar.
Most read in Tech
Those who download the apps are met with an error message saying the install was unsuccessful – which isn’t true.
The malicious app is actually hiding in the system and can be found only in the Settings > Apps Info section on Android devices.
“The malware has been live since at least October 2022 and is noteworthy because without the new app anomaly technology – it most likely would have been able to stay undetected,” researchers wrote in a blog post published today.
Here are some of the types of apps mimicked by the malware:
- Game cracks (where games have been modified to allow you to play it without buying it)
- Games with unlocked features
- Free VPN
- Fake videos
- Netflix
- Fake tutorials
- YouTube/TikTok without ads
- Weather
- Pdf viewers
- Fake security programs
The Sun has contacted Google for comment.
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
