Millions of Android users have downloaded more than 200 applications infected with malware from Google Play

mobile phones, 16.10.2024, 11:30 AM

Security researchers reported hundreds of fake apps to Google last year, warning that millions of users had infected their devices with malware.

This information is part of the report Zscalera covering the period from June 2023 to April 2024.

During that period, Zscaler detected more than 200 malicious apps on Google Play, which is a safer platform for Android app downloads than other app stores. Together, these apps have had more than eight million installs.

Of these, Joker was the most common threat in Google’s official app store, detected in nearly two-fifths (38%) of malicious apps detected by Zscaler. Once it infects a device, Joker steals data from the device and secretly subscribes victims to services charged at special rates, without their consent.

Adware was in second place (35% of detected malware), in applications that consume internet and battery by loading ads in the foreground or invisible ads in the background to generate fake ad impressions.

Followed by Facestealer (14%), which is designed to steal passwords of Facebook users, Loanly Installer (2.3%), Trojan Harly (1.4%) which subscribes victims to premium services and Anatsa (0.9%) or Teabot (0.9%), a banking Trojan which targets more than 650 bank applications worldwide.

The “Tools” category was the most abused in the Play Store, accounting for almost half (48%) of applications infected with malware. Malicious apps for personalization (15%) and photo editing (11%) were also common.

Almost half (46%) of attacks now involve Trojans, while the technology (18%), education (18%) and manufacturing (14%) sectors bore the brunt of mobile malware last year. In the case of the education sector, attacks have increased by 136% annually.

Zscaler said mobile banking malware (29%) and mobile spyware (111%) also saw big year-over-year jumps during the period covered by the report.

Photo: Mohamed Nohassi | Unsplash