Almost 2 billion malware installs thwarted by Google Play Protect in 2019
That’s for apps from third-party marketplaces; another 790,000 policy-breaking apps were stopped from reaching Google Play
That’s for apps from third-party marketplaces; another 790,000 policy-breaking apps were stopped from reaching Google Play
ESET researchers have analyzed fake cryptocurrency wallets emerging on Google Play at the time of bitcoin’s renewed growth
Cybercrooks use bogus apps to phish six online banks and a cryptocurrency exchange
Fraudsters are using bogus apps to convince users of three Indian banks to divulge their personal data
Besides delivering the promised functionalities, the malicious apps can display fake notifications and login forms seemingly coming from legitimate banking applications, harvest credentials entered into the fake forms, as well as intercept text messages to bypass SMS-based 2-factor authentication.
The Android banking trojan that we first informed about in the beginning of this year has found its way to Google Play again and contains new tricks designed to get access to the private banking information of the user.
ESET researchers have observed an increased number of apps on Google Play using social engineering techniques to boost their ratings, ranging from legitimate apps, through adware to malware.
ESET has discovered eight fake applications on Google Play, which were promising to boost the number of followers on users’ social network profiles. Our security software is detecting these as Android/Fasurke.
Google Play porn clicker campaign: A single family of malicious apps masquerading as popular games or apps, designed to bypass Google’s security checks.
Over 500,000 Android users targeted by phishing apps harvesting their Facebook credentials. ESET detects these trojans as Android/Spy.Feabme.A.
Google is taking additional security measures to shut out malware from its app store by introducing a human screening process.
Users of British broadcaster Sky’s Android apps were left worried after hackers defaced the company’s Google Play page, and simultaneously sent out a warning via a company Twitter account that the apps had been “hacked and replaced”.
ESET analysis breaks down the first known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice
Cryptocurrency stealers that replace a wallet address in the clipboard are no longer limited to Windows or shady Android app stores
The malicious apps have all been removed from the official Android store but not before the apps were installed by almost 30,000 users
Tricksters have been misleading users about the functionality of apps by displaying bogus download numbers
The game was uploaded to Google Play and attempted to trick users into unwittingly signing up for a weekly paid subscription
For a user, it can be difficult to figure out whether an app is malicious. First off it is always good only to install applications from the Google Play store, since most malware is still mainly spread through alternative stores.
In all the cases we investigated, the final payload was a mobile banking trojan. Once installed, it behaves like a typical malicious app of this kind: it may present the user with fake login forms to steal credentials or credit card details.
With all the hype around cryptocurrencies, cybercriminals are trying to grab whatever new opportunity they can – be it hijacking users’ computing power to mine cryptocurrencies via browsers or by compromising unpatched machines, or various scam schemes utilizing phishing websites and fake apps.