Android Apps on Play Store which redirect users to malicious sites
It's no surprise that cyber attackers have devised new ways to make their malicious pass through the security protections of the Google Play Store. One of the more popular tactics such attackers adopt is to introduce delays to hide their activity online.
A recent study found that a malware campaign known as HiddenAds had been running since at least June 2019, with seventy-five percent of its ads being malicious in some way. Researchers across the world are working together to stop the campaign.
In new information uncovered by Guardio Labs, researchers revealed that a malvertising campaign called Dormant Colors is leveraging Google Chrome and Microsoft Edge extensions to steal user search databases.
Four Android apps released by the same developer have been discovered. They are being used to trick users into visiting malicious websites that steal information as part of an information-stealing campaign. The developer discovered apps directing victims to malicious websites as part of an adware and information-stealing campaign.
Malwarebytes found the apps to have a long waiting period of four whole days before opening the first phishing site and then launching more tabs every two hours. The malicious apps have had over one million people download the apps published by Mobile Apps Group, which are currently available on the Play Store.
According to Malwarebytes, malicious sites are designed to generate revenue through pay-per-click ads and prompt users to install cleaner apps on their phones. Malware Android Apps.
The list of apps is as follows: -
Driver: Bluetooth, Wi-Fi, USB (com.driver.finder.bluetooth.wifi.usb) - 10,000+ downloads
Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices) - 1,000,000+ downloads
Mobile transfer: smart switch (com.mobile.faster.transfer.smart.switch) - 1,000+ downloads
Bluetooth App Sender (com.bluetooth.share.app) - 50,000+ downloads
With all our information connected and stored on computers, we're more vulnerable to cyber fraud and cyberattacks than ever. But there is still time to take measures against these threats.
