#cybersecurity | hacker | Malicious apps now post their own positive reviews on Google Play

Source: National Cyber Security – Produced By Gregory Evans

The assault on Google’s Play Store continues with 30 malicious apps being revealed that have been downloaded hundreds of millions of times and having capabilities that have caused security firms suggesting end users take extraordinary steps to vet software prior to downloading.

VPNpro and
Trend Micro made public 24 and four apps, respectively, that are either capable
of downloading further malware or conducting ad fraud and in some cases can
post fake information to the Play Store to make them appear more desirable.

The apps found by Trend Micro, detected as AndroidOS_BadBooster.HRX, have the ability to inject 3,000 different types of malware and perform ad fraud on a targeted device. The apps, which have been downloaded 470,000, pose as performance and productivity tools, hide in plain sight by not appearing either on the desktop or in the application list. When in ad fraud mode the malware not only posts ads to the mobile device, but also clicks on them to generate income for the advertiser.

Another interesting
and dangerous aspect to these four apps is they have the ability post to positive
reviews to Google Play in order to appear more legitimate to their potential
victims. To counter this Trend Micro is recommending that end users first
scrutinize an app from several different angles prior to downloading.

“Despite the
slew of positive reviews, it does leave some red flags — even though different
users left positive reviews, the comments they leave contain the same, exact
text: ‘Great, works fast and good.’ They also gave the app the same four-star
rating,” the report stated.

These apps
became available in 2017, but were taken down by Google when it was inform

Another
solid practice suggested by VPNpro
is for customers to simply question whether or not an app that they are either thinking
about getting or one that is already on their device is really needed and if
not to either delete it or opt to not download it in the first place.

This
practice can help a person avoid being stuck with the apps uncovered by Trend
Micro or the 24 malicious VPN apps found by VPNpro.

These apps
were all made by the Chinese firm, Shenzen HAWK Internet, a subsidiary of TCL
Corp. a large consumer electronics firm that owns the licenses to dozens of
well- known brands  like Alcatel,
BlackBerry, and RCA .

The apps
have been downloaded a combined 384 million times, VPNpro reported. These apps
perform a wide variety of dangerous task from scraping information and sending
it to a server in China, to serving ads and asking for a very large number of
permissions such as the ability to make calls, take photos and record video.

Unlike with
the apps found by Trend Micro, these are still available in the Play Store.

Original Source link

The post #cybersecurity | hacker | Malicious apps now post their own positive reviews on Google Play appeared first on National Cyber Security.

Leave a Reply

Your email address will not be published. Required fields are marked *