This new list of Malware Dropper apps on the Play Store should be removed now, say security experts / Digital Information World
Applications surrounding the theme of malware droppers can be found in a report of millions. And they get thousands of downloads across the board. Experts list rogue apps that should be removed shortly before they end up causing more damage than expected. But the worst part about this whole ordeal is how hard they are to spot compared to everyone else. And that’s what makes it hard for people to catch on and notice immediately.
Many of these apps have endured thousands of installations and continue to perform dubious actions. The new line of apps on the Google Play Store uses means such as fake updates for installing banking Trojans on devices owned by people who had no idea what they were capable of.
The report comes to us thanks to the likes of Bleeping Computers who claim that it becomes much easier over time to include such apps in the Play Store as they don’t have any harmful code that can be spotted immediately. What they do is infect smartphones on Android with various forms of malware that arises after its installation.
Another factor that makes them really hard to spot is how they work with advertisers after being downloaded, so a lot of the normal behavior masks the malicious behavior and you have no idea what’s going on.
That’s thanks to Threat Fabric who went public with the news after spotting the malicious findings and highlighting them in a new report. Cybercriminals are on the loose and now it’s so much easier to infect vulnerable devices than anything else.
The general consensus now is to remove these apps from your system if seen on your Android device. These need to be removed manually at a faster rate than usual. Many apps involve crypto wallets, while a few also contain banking apps.
They are usually targeted and therefore endanger users’ sensitive financial information on infected devices. The list can be downloaded online via the website, but we discuss it briefly below.
They include File Manager, Audio Recovery, Pictures and Videos, Finance Tracker, and Zetter Authentication. So far they have achieved download figures ranging from 1,000 to 100,000 and that is really a lot.
Security researchers conducting the study say they uncovered during such an investigation how a few malware-dropping campaigns massively distributed software like SharkBot and Vultur, which are serious banking Trojans.
The first uses fake login screens so that users’ banking and other credentials are stolen. In the same way, it ends up stealing and disguising the texts that take advantage of your android device. Although it is still causing destruction, the app has not yet received many downloads considering how often it is found in all major regions of the world like the United States, Spain, Australia, UK, Germany, etc.
Then there is another malware campaign called Vultur which is distributed as another top banking trojan application. He uses social media, messaging, etc. to steal credentials belonging to users. But a new variant has also been discovered that actually records things like gestures, clicks and more made by victims on Android phones.
Experts believe that the best way to protect yourself from all of this is to be very careful when installing an app on your device. Consider whether you need it or not, then make sure to read the reviews and take a look at the ratings as well. Also, any app that asks for an update, right after downloads, is worth reconsidering.
Read next: Which brand gets spoofed the most in phishing attacks? The answer might surprise you