Beware of these popular Android apps containing deceptive adware

November 12, 2023Android Apps

Beware of these popular Android apps containing deceptive adware

Have you recently downloaded a new game or wallpaper app on your Android device? If so, you might want to read on. Cybersecurity buffs from Dr.Web have unveiled a bunch of Android apps you should definitely be wary of. Here’s why.

CLICK TO GET KURT’S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK VIDEO TIPS, TECH REVIEWS, AND EASY HOW-TO’S TO MAKE YOU SMARTER

Experts have discovered Android apps that users should be aware of. (CyberGuy.com)

What’s the big deal?

Dr.Web’s diligent researchers pinpointed several Android applications that were silently serving ads and sneakily getting users signed up for premium services. These questionable apps were all on the Google Play Store and had been downloaded about two million times.

These apps masked themselves as innocent games, messaging platforms and wallpaper tools. Their underlying code, however, was affiliated with notorious malware types referred to as FakeApp, Joker and HiddenAds.

MORE: GUARD YOUR PASSWORDS: CHERYBLOS & FAKETRADE MALWARE THREATEN ANDROIDS

How do these malicious apps work?

Once you install one of these apps, it quickly switches its icon to something you’d likely think twice about deleting, like the Chrome browser icon. Some even went the extra mile and removed their icons entirely, creating a puzzling empty gap in your app collection.

These stealthy apps run quietly in the background, bombarding victims with ads via their browsers. From casino promos to deceptive investment opportunities, these ads breach Google’s ad protocols, lining the pockets of these malicious app creators.

Delete these apps now

Super Skibydi Killer is the main culprit here, boasting a whopping one million downloads. Also keep an eye out for these apps:

HiddenAds apps:

Agent Shooter (500,000 downloads)
Rubber Punch 3D (500,000 downloads)
Rainbow Stretch (50,000 downloads)

AI APOCALYPSE TEAM FORMED TO FEND OFF CATASTROPHIC NUCLEAR AND BIOCHEMICAL DOOMSDAY SCENARIOS

Super Skibydi

October 12, 2023Android Google

Android Users Beware: Indian Government Cautions Google Pixel, Samsung, and OnePlus Owners

The Indian government has issued a crucial warning for Android users, encompassing popular smartphone brands like Google Pixel, Samsung, OnePlus, and more. The warning specifically targets users of Android OS versions 11, 12, 12L, and 13 due to the existence of multiple vulnerabilities that can potentially expose sensitive information to fraudsters.

The Indian Computer Emergency Response Team (CERT-In), operating under the Ministry of Electronics and Information Technology, has identified these vulnerabilities, emphasizing the critical need for users to update their Android operating systems promptly. While tech companies frequently release updates to address these issues, many users neglect to update their OS due to data limitations, storage constraints, or ease of use.

The Indian government’s warning underscores the gravity of the situation, pointing out that older OS versions are more susceptible to exploitation through these vulnerabilities.

CERT-In has outlined that these vulnerabilities stem from flaws within various Android OS components, including Framework, System, Google Play system updates, Arm components, MediaTek components, UNISOC components, Qualcomm components, and Qualcomm closed-source components.

The consequences of exploiting these vulnerabilities can be severe, enabling attackers to execute arbitrary code, gain elevated privileges, access sensitive information, and disrupt the targeted system’s functionality. This places users at risk of various cyber threats, including data breaches and fraud.

To protect themselves from these security risks, Android users, including those with devices from Google Pixel, Samsung, OnePlus, and other manufacturers, should promptly apply the appropriate security patches as provided by Google. Timely OS updates and patch installations are essential for maintaining the security and integrity of personal information stored and shared on Android devices.

In a world where smartphones have become central to everyday life, safeguarding personal information is paramount. By heeding this critical warning and taking the necessary precautions, Android users can help protect their data and minimize their

June 25, 2023Android Apps

Beware Android users some Google Play Store apps are infected with spyware, uninstall them right now

By Divya Bhati: Google Play is one of the largest app stores globally, offering over 3 million apps for download. With such a wide selection of apps and a vast user base, the Android app store, operated by Google, also becomes a prime target for hackers seeking to spread malware. In a recent discovery, cyber security researchers have detected several suspicious apps on Google Play that are infected with malware. These malicious apps can steal sensitive information from the user’s phone and can be used to initiate other cyber attacks.

Researchers at CYFIRMA, a cybersecurity company, have issued a warning to Android users regarding apps that are currently available on Google Play. The apps in question, namely nSure Chat and iKHfaa VPN, are listed under the developer name “SecurITY Industry”. According to the researchers, these apps have been infected with spyware, designed to steal sensitive information from users’ phones. Furthermore, it has been discovered that these apps are being used by state-sponsored hackers as a means to gather intelligence from targeted devices. The information includes location data as well as contact lists from the affected users.

According to a report from Singapore-based cybersecurity company Cyfirma, the infected apps have been traced back to a dangerous hacking group known as “DoNot.” This group, believed to be state-sponsored, has been carrying out targeted attacks on prominent organizations in Southeast Asia since 2018. “Further technical analysis revealed that the app has malware characteristics and belongs to the notorious Advanced Persistent Threat Group; “DoNot”, which recently targeted individuals in the Kashmir region. In a recent observation, we found the threat actor is using Android payload against individuals in the Pakistan region, however, it is still unknown what drives them to conduct cyber strikes in the South Asian region,” reads the report by CYFIRMA.

April 19, 2023Android Apps

Beware of These Android Apps That Can Dupe You!

The Android ecosystem is no stranger to vicious malware and ransomware attacks. Over the years, this has raised serious privacy and security concerns. While Google has worked towards user security and privacy, cyber attackers always find ways to get around such measures. A recent example of this is the “Goldoson malware” attack, which can lead you to ad fraud. The worst part is that all the 63 infected apps are widely popular with over 10M+ installs.

Do Not Fall for These Goldoson-Infected Apps

Primarily detected in popular apps in South Korea by McAfee, the Goldoson malware is part of a software library that had been used by all the infected apps unknowingly. According to McAfee’s report, the malware is capable of ad fraud. You will not even realize the existence of this malware on your device and it will continue to operate in the background, clicking ads without your consent.

It can collect data on the apps installed on your smartphone, Wi-Fi, GPS, and Bluetooth-connected devices. Now, how does it work? The report explains that whenever you launch any of the infected apps on your device, the Goldoson malware registers your device information into its library and receives your device configuration from a masked remote server.

This configuration will be able to decide the parameter of data-stealing and ad-clicking on your device. This includes the frequency of these actions as well as the type of data that the server can access.

Usually, the data from your device is sent to the masked server every 2 days. However, the level of infection also depends on the type and number of permissions you have assigned to the infected app. Even with robust security measures of Android 11 and above, Goldoson can easily access sensitive data from 10% of the apps. In

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.