A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and information-stealing campaign.
The apps, published by a developer named Mobile apps Group and currently available on the Play Store, have been collectively downloaded over one million times.
According to Malwarebytes, the websites are designed to generate revenues through pay-per-click ads, and worse, prompt users to install cleaner apps on their phones with the goal of deploying additional malware.
- Bluetooth App Sender (com.bluetooth.share.app) - 50,000+ downloads
- Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices) - 1,000,000+ downloads
- Driver: Bluetooth, Wi-Fi, USB (com.driver.finder.bluetooth.wifi.usb) - 10,000+ downloads
- Mobile transfer: smart switch (com.mobile.faster.transfer.smart.switch) - 1,000+ downloads
It's no surprise that malicious apps have devised new ways to get past Google Play Store security protections. One of the more popular tactics adopted by threat actors is to introduce time-based delays to conceal their malicious behavior.
Malwarebytes' analysis found the apps to have an approximately four-day waiting period before opening the first phishing site in Chrome browser, and then proceeding to launch more tabs every two hours.
The findings also come as researchers from Guardio Labs disclosed details of a malvertising campaign dubbed Dormant Colors that leverages rogue Google Chrome and Microsoft Edge extensions to hijack user search queries to an actor-controlled domain.
#THN
#osutayusuf
- Get link
- X
- Other Apps
- Get link
- X
- Other Apps
Comments
Post a Comment