A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, duping more than two million people into installing them. The apps pretend to be useful utilities and system optimizers but, in reality, are the sources of performance hiatus, ads, and user experience degradation.
One app that has gathered one million downloads is TubeBox, which promises monetary rewards for watching videos and ads on the app but never delivers on its promises, with various errors whenever the user tries to redeem the collected rewards.
Researchers say it’s all a trick to try and keep them on the TubeBox app for as long as possible, watching ads and generating revenue for the developers. Other adware apps that appeared on Google Play and have been removed are:
· Bluetooth device auto connect (bt autoconnect group) with 1,000,000 downloads
· Bluetooth & Wi-Fi & USB driver (simple things for everyone) with 100,000 downloads
· Volume, Music Equalizer (bt autoconnect group) with 50,000 downloads
· Fast Cleaner & Cooling Master (Hippo VPN LLC) with 500 downloads
These apps receive commands from Firebase Cloud Messaging and load the websites specified in these commands, generating fraudulent ad impressions on the infected devices. A set of loan scam apps claiming to have a direct relationship with Russian banks and investment groups, was also discovered.
These apps were promoted via malvertizing through other apps, promising guaranteed investment profits. In reality, the apps take the users to phishing sites where their personal information is collected.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.