Android malware applications with 2 million installations have been discovered on Google Play

Over two million individuals have been tricked into downloading a new batch of Android malware, phishing, and adware applications that have invaded the Google Play store.

Dr Web antivirus detected the programmes, which masquerade as beneficial tools and system optimizers but are really causes of performance glitches, advertisements, and user experience deterioration.

TubeBox, as demonstrated by Dr Web, has one million downloads and is still accessible on Google Play at the time of writing.

 

 

TubeBox offers monetary incentives for viewing videos and advertisements on the app but never delivers, displaying numerous errors when attempting to redeem the gathered awards.

Even customers who complete the final withdrawal stage never get their dollars, according to the researchers, since it’s all a ruse to keep them on the app as long as possible, viewing adverts and earning income for the makers.

Other adware apps that appeared on Google Play in October 2022 but have since been removed are:

  • Bluetooth device auto connect (bt auto-connect group) – 1,000,000 downloads
  • Bluetooth & Wi-Fi & USB driver (simple things for everyone) – 100,000 downloads
  • Volume, Music Equalizer (bt auto-connect group) – 50,000 downloads
  • Fast Cleaner & Cooling Master (Hippo VPN LLC) – 500 downloads

The aforementioned applications receive Firebase Cloud Messaging instructions and load the webpages provided in these commands, resulting in fake ad impressions on compromised devices.

Remote operators might even set an infected device to work as a proxy server in the instance of Fast Cleaner & Cooling Master, which had a low download volume. The threat actors might use this proxy server to route their own traffic via the compromised device.

Finally, Dr. Web uncovered a collection of loan scam applications claiming to have direct relationships with Russian banks and investment organisations, with an average of 10,000 downloads on Google Play.

 

 

These applications were advertised by malvertizing in other apps, with the promise of assured investment gains. In practice, the applications redirect users to phishing sites that capture their personal information.

To protect yourself against fake programmes on Google Play, always look for bad reviews, read the privacy policies, and visit the developer’s website.

In general, try to restrict the number of installed applications on your smartphone to a minimum and check and verify that Google’s Play Protect function is enabled on a regular basis.