Cybercriminals don’t let any chance go abegging when it comes to finding the best possible way to trick users out of their personal information and ultimately money out of their banks. Their primary tactic involves smartly embedding the malware in a manner that enables it to evade detection by cybersecurity experts for the longest time possible, all the while masquerading as legitimate apps or services. With such malicious activities, a fresh wave of apps containing malicious malware has raised concerns, leading to warnings for tens of thousands of Android users.
Bitdefender’s cybersecurity researchers recently revealed a hidden malware campaign that managed to remain undetected on mobile devices across the globe for over six months. Further investigation into the malware campaign suggested that the campaign was specifically designed to aggressively distribute adware on Android devices, aiming to generate substantial revenue. So far, Bitdefender has identified 60,000 unique apps containing this adware, and there is a strong suspicion that many more such samples exist in the wild.
How does it affect Android users? Further research also suggested that this specific threat campaign has implemented a trick to redirect users towards various forms of malware. These include banking Trojans which are capable of stealing sensitive financial information from victims. The worrying part is that these malware-loaded apps actually mimicked the real and popular apps published on Play Store. These apps are referred to as “modded” apps by the researchers which are modified versions of the original apps with their true features. Here are the malicious apps that have been mugged by the malware:
Apps that mimicked the malware
- Game cracks
- Games with unlocked features
- Free VPN
- Fake videos
- Fake tutorials
- YouTube without ads
- TikTok without ads
- Cracked utility programs: weather, pdf viewers, etc
- Fake security programs
What you should do?
- To ensure the security of your device, the cybersecurity firm has advised you to use a robust security solution that effectively detects these threats.
- Moreover, they strongly discourage people to download apps from third-party app stores and websites as it significantly increases the risk of compromising your device’s security.
- Always check the developer of the app before downloading even from legitimate sources.