Uninstall Now: These Android Apps on Google Play Are Actually Adware

Doctor Web’s latest monthly mobile threat report has identified several Android apps with more than 2 million installs that masquerade as gaming or productivity apps but are actually adware.

Originally spotted by Bleeping Computer, the apps have since been removed from Google Play, but if you downloaded any of them on your devices, make sure you uninstall them immediately.

The biggest culprit of the bunch is an app called Super Skibydi Killer, which has amassed over a million installs. The app promises a game where players take on the role of a “super killer” and try to assassinate their enemy through a series of shooting games.

Once installed, Super Skibydi Killer and others try “to hide from users” by using transparent home-screen icons or those that looked like the Google Chrome browser. “When users tap on such an icon, these trojans launch the browser and continue to operate in the background,” Doctor Web says. Other apps that were part of this scheme include Agent Shooter, Rainbow Stretch, and Rubber Punch 3D.

Doctor Web also found two Joker family apps on Google Play that subscribe users to paid services. One of those apps, Love Emoji Messenger, was downloaded 50,000 times. Another app, Beauty Wallpaper HD, only had about 1,000 downloads.

Beyond those the site also found several fake apps that were distributed as financial software for things like stock trading or home accounting but in fact, launched fraudulent sites where victims were encouraged to become investors. Those apps include GazEndow Economic, MoneyMentor, FinancialFusion, and Financial Vault.

Recommended by Our Editors

Other games within Google Play are advertised as games; however, once installed their main functionality is to load online casino websites. Those games include Eternal Maze, Jungle Jewels, Stellar Secrets, Fire Fruits, Cowboy’s Frontier, and Enchanted Elixir.

If you think

Read More ...

Beware Android users some Google Play Store apps are infected with spyware, uninstall them right now

By Divya Bhati: Google Play is one of the largest app stores globally, offering over 3 million apps for download. With such a wide selection of apps and a vast user base, the Android app store, operated by Google, also becomes a prime target for hackers seeking to spread malware. In a recent discovery, cyber security researchers have detected several suspicious apps on Google Play that are infected with malware. These malicious apps can steal sensitive information from the user’s phone and can be used to initiate other cyber attacks.

Researchers at CYFIRMA, a cybersecurity company, have issued a warning to Android users regarding apps that are currently available on Google Play. The apps in question, namely nSure Chat and iKHfaa VPN, are listed under the developer name “SecurITY Industry”. According to the researchers, these apps have been infected with spyware, designed to steal sensitive information from users’ phones. Furthermore, it has been discovered that these apps are being used by state-sponsored hackers as a means to gather intelligence from targeted devices. The information includes location data as well as contact lists from the affected users.

According to a report from Singapore-based cybersecurity company Cyfirma, the infected apps have been traced back to a dangerous hacking group known as “DoNot.” This group, believed to be state-sponsored, has been carrying out targeted attacks on prominent organizations in Southeast Asia since 2018. “Further technical analysis revealed that the app has malware characteristics and belongs to the notorious Advanced Persistent Threat Group; “DoNot”, which recently targeted individuals in the Kashmir region. In a recent observation, we found the threat actor is using Android payload against individuals in the Pakistan region, however, it is still unknown what drives them to conduct cyber strikes in the South Asian region,” reads the report by CYFIRMA.

Read More ...

Dangerous malware found in over 100 Android apps, uninstall these apps immediately from your phone

By Divya Bhati: Malware attacks are not new. We often come across reports of new malware circulating on the web, as hackers try new ways to target people and steal their data and money. However, what makes these malware attacks more concerning is when they manage to make their way to our devices through reliable sources. For instance, researchers have detected a new malware that has infected more than 100 apps on Google Play Store.

Security researchers at Dr. Web, in collaboration with BleepingComputer, have recently identified a new spyware called ‘SpinOK’ which has infected over 100 applications available for download on the Google Play Store. What makes this discovery particularly alarming is that these compromised apps have had a staggering total of over 400 million downloads.

Researchers have discovered that this trojan malware disguises itself as an advertisement SDK and appears to be legitimate by offering minigames with daily rewards to attract users. However, once downloaded, the malware steals private data stored on users’ devices and sends it to a remote server.

“On the surface, the SpinOk module is designed to maintain users’ interest in apps with the help of mini-games, a system of tasks, and alleged prizes and reward drawings,” the report by Doctor Web reveals.

The report further reveals that the infected apps had different levels of malicious content, with some still containing harmful software and others having it in specific versions or being removed entirely from the store. However, these apps have been downloaded 421,290,300 times and this puts a significant number of Android users at risk of cyber threat. While the researchers have alerted Google about it, users are also asked to take precautions and stay away from downloading any such apps.

Apps affected by Trojan malware

Dr. Web report has also revealed the

Read More ...