Several adware, malware, and phishing apps masquerading as system optimizers and utilities have been downloaded more than two million times cumulatively from the Google Play Store, reports BleepingComputer.
Dr. Web researchers discovered that one of the malicious apps dubbed "TubeBox," which purports to offer monetary rewards for ad and video viewing, has been downloaded one million times and continues to be on the Play Store.
However, other adware apps, including "Bluetooth device auto connect," which also has one million downloads, have already been removed.
Commands from Firebase Cloud Messaging have been retrieved by the removed adware apps to facilitate the loading of websites in the commands and prompt fraudulent ad impressions.
The report also showed numerous loan scam apps with an average of 10,000 downloads claiming to be directly associated with Russian banking and investment entities. Malvertising in other apps has been used to promote the malicious apps, which redirect users to phishing apps to enable data collection.
Widely used cross-platform download manager Free Download Manager has released a script to help determine information-stealing malware compromise in Linux computers as part of a years-long supply chain attack recently reported by Kaspersky researchers, BleepingComputer reports.