It seems like just about every week there is some new
malware threat to mobile users, especially for those who use Android. What if we told you that many of those new threats are not actually new at all?
According to Dr. Web, an anti-malware software provider and security research organization, there was a
significant spike in the use of numerous known malware threats hidden in faux apps on the Play Store. These apps ranged from hiding background advertisements and notification data stealing, to auto-signing people up for subscription services.
Image of known malware infected applications
Some of the apps also included fake versions of mods to popular applications, such as Facebook and WhatsApp. A good portion of those were mostly distributed through SEO Poisoning and social engineering methods to trick people into downloading and side-loading them as APKs, though.
It seems like a good portion of the malware was targeted towards Russian speaking languages as some screen captures provided by Dr. Web include fake financial applications geared towards investment in natural gas and energy. Others were just hidden in applications that claimed to provide image editing software, media players, and navigation software. One such application found to have the subscription malware in it is known as Top Navigator. Luckily, as of this post it has been removed from the Play Store, but not before it racked up over 500,000 downloads. That application has the ID of
com.navigatorcityproject.topnavigation, so if you do find it installed, make sure you remove it from your device.
Image of multiple fake apps known to be infected with malware
A good portion of these malwares also included ways of allowing the ne'er-do-wells to take screen captures, or intercept notifications to steal private information, such as 2-factor codes, one time passwords, and other security information. On top of that WhatsApp message intercepts, KeyLoggers, and much more. The total list of malware that was detected by Dr. Web has a slew of names which we have a list of here.
-
Android.Spy
- Android HiddenAds
- Android.MobiDash
- Program.FakeAntiVirus
- Program.SecretVideoRecorder
- Program.KeyStroke
- Program.WapSniff
- Program.FreeAndroidSpy
- Tool.SilentInstaller
- Tool.Loic
- Adware.AdPush
- Adware.SspSdk
- Adware.Myteam
- Android.FakeApp
- Android.PWS.Facebook
- Android.Subscription
Those are a ton of variations in malware, and according to Dr. Web one in five apps installed on Android systems are likely to have malware. So what do you do? Well, as we've advised almost every week with every malware we report on, make sure you read reviews. Double check against malware web sites, don't side-load APKs you don't trust, and just be wary in general. Some malware out there are especially tricky and might only be able to be eradicated through a
complete wipe of your device, which is not fun.
Image Sources: Dr. Web