Analysts say half a dozen Android apps disguised as public utility services are defrauding users and earning developers money from advertising.
The apps have managed to fool quite a few people, which have apparently been downloaded more than two million times.
Google has since removed them all from the Play Store, but users are still being warned to beware.
Malicious Android apps
Dr. antivirus team Web discovered a total of five apps whose sole purpose is to trick people into downloading them and then displaying ads to them for as long as possible. The largest of them, with over a million downloads, is TubeBox.
TubeBox promises users to reduce ad revenue if they sit and watch in-app ads. However, the whole thing is a gimmick because when a user tries to redeem the rewards, he or she will conveniently run into various bugs and bugs. Even those who somehow manage to get around all the bugs will simply not receive any funds.
Other uncovered apps include “Auto-connect Bluetooth devices” with 1 million downloads, “Bluetooth & Wi-Fi & USB Driver” with 100,000 downloads, “Volume, Music Equalizer” with 50,000 downloads, and “Fast Cleaner & Cooling Master”, with approximately 500 downloads.
Apps don’t display just any ads – the Firebase Cloud Messaging account serves as the C2 server and instructs apps which websites to load.
Researchers have discovered that some apps, such as “Fast Cleaner & Cooling Master”, can also be used as a proxy server. With a proxy server, cybercriminals could route their traffic through an infected endpoint (opens in a new tab).
Just because an app is on the Google Play store doesn’t make it safe by default. While Google’s defenses are powerful, cybercriminals are always looking for new ways to cram fake apps into the repository of popular apps, and they succeed from time to time. To protect yourself from such apps, always read the reviews as other users may also warn you about the scam.
By: Beeping Computer (opens in a new tab)