Login

Register

Login

Register

#cybersecurity | hacker | Malicious apps now post their own positive reviews on Google Play


The assault on Google’s Play Store continues with 30 malicious apps being revealed that have been downloaded hundreds of millions of times and having capabilities that have caused security firms suggesting end users take extraordinary steps to vet software prior to downloading.

VPNpro and
Trend Micro made public 24 and four apps, respectively, that are either capable
of downloading further malware or conducting ad fraud and in some cases can
post fake information to the Play Store to make them appear more desirable.

The apps found by Trend Micro, detected as AndroidOS_BadBooster.HRX, have the ability to inject 3,000 different types of malware and perform ad fraud on a targeted device. The apps, which have been downloaded 470,000, pose as performance and productivity tools, hide in plain sight by not appearing either on the desktop or in the application list. When in ad fraud mode the malware not only posts ads to the mobile device, but also clicks on them to generate income for the advertiser.

Another interesting
and dangerous aspect to these four apps is they have the ability post to positive
reviews to Google Play in order to appear more legitimate to their potential
victims. To counter this Trend Micro is recommending that end users first
scrutinize an app from several different angles prior to downloading.

“Despite the
slew of positive reviews, it does leave some red flags — even though different
users left positive reviews, the comments they leave contain the same, exact
text: ‘Great, works fast and good.’ They also gave the app the same four-star
rating,” the report stated.

These apps
became available in 2017, but were taken down by Google when it was inform

Another
solid practice suggested by VPNpro
is for customers to simply question whether or not an app that they are either thinking
about getting or one that is already on their device is really needed and if
not to either delete it or opt to not download it in the first place.

This
practice can help a person avoid being stuck with the apps uncovered by Trend
Micro or the 24 malicious VPN apps found by VPNpro.

These apps
were all made by the Chinese firm, Shenzen HAWK Internet, a subsidiary of TCL
Corp. a large consumer electronics firm that owns the licenses to dozens of
well- known brands  like Alcatel,
BlackBerry, and RCA .

The apps
have been downloaded a combined 384 million times, VPNpro reported. These apps
perform a wide variety of dangerous task from scraping information and sending
it to a server in China, to serving ads and asking for a very large number of
permissions such as the ability to make calls, take photos and record video.

Unlike with
the apps found by Trend Micro, these are still available in the Play Store.



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW