Application security, Endpoint/Device Security

More widely installed malicious Android apps identified

BleepingComputer reports four malicious Android apps developed by Mobile apps Group with more than a million cumulative downloads in the Google Play Store have been enabling the theft of sensitive information through phishing sites and "pay-per-click" revenue generation. The malicious apps which include Bluetooth Auto Connect, Bluetooth App Sender, Driver: Bluetooth, Wi-Fi, USB, and Mobile transfer: smart switch had a 72-hour gap between the initial ad or phishing link in the browser and the deployment of more similar tabs every two hours, a report from Malwarebytes showed. Various phishing and ad sites are being opened even when impacted devices are locked, with researchers discovering that action logs have been obfuscated through the "sdfsdf" log descriptor. Mobile apps Group has already been discovered twice before to be involved in adware distribution on Google Play. Android device users have been advised to download apps only from official app stores, read user reviews, examine network data activity and battery usage, and enable Google's Play Protect functionality to curb adware apps.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.