The Hacker News
reports that 60,000 unique apps posing as cracked versions of widely used Android applications have been leveraged to spread adware in an ongoing campaign that commenced in October.
Such fraudulent apps, most of which were detected to be distributed in the U.S., South Korea, Brazil, Germany, the UK, and France, have been downloaded through malware-hosting ad pages and do not include icons or names upon installation but facilitate stealthy malicious activity even when uninstalled, a report from Bitdefender showed.
"The campaign is designed to aggressively push adware to Android devices with the purpose to drive revenue. However, the threat actors involved can easily switch tactics to redirect users to other types of malware such as banking Trojans to steal credentials and financial information or ransomware," said Bitdefender.
The adware campaign's discovery follows CloudSEK's identification of the malicious SpinOK SDK
with file exfiltration capabilities across Google Play apps that have 30 million total downloads.