Other adware apps that appeared on Google Play in October 2022 but have since been removed are:
- Bluetooth device auto connect (bt auto-connect group) – 1,000,000 downloads
- Bluetooth & Wi-Fi & USB driver (simple things for everyone) – 100,000 downloads
- Volume, Music Equalizer (bt auto-connect group) – 50,000 downloads
- Fast Cleaner & Cooling Master (Hippo VPN LLC) – 500 downloads
The aforementioned applications receive Firebase Cloud Messaging instructions and load the webpages provided in these commands, resulting in fake ad impressions on compromised devices.
Remote operators might even set an infected device to work as a proxy server in the instance of Fast Cleaner & Cooling Master, which had a low download volume. The threat actors might use this proxy server to route their own traffic via the compromised device.
Finally, Dr. Web uncovered a collection of loan scam applications claiming to have direct relationships with Russian banks and investment organisations, with an average of 10,000 downloads on Google Play.
