Security researchers from Zscaler ThreatLabz and Pradeo have discovered a series of fee-fraud apps targeting Android users.
According to The Hacker News, these fee-fraud apps contain the notorious Joker malware, which is designed to enroll users in unwanted paid services or make calls to numbers; it also collects SMS messages, contacts and device information. This malware was first detected on the Google Play Store in 2017.
The researchers identified a total of 53 apps on Google Play containing the Joker malware, with more than 330,000 downloads. These apps usually pose as SMS, photo editor, blood pressure monitor, emoji keyboard, and translator apps; however, they request elevated device permissions to carry out the operations the bad guys behind them demand.
It is not just Joker: security researcher Maxime Ingrao last week revealed eight apps containing another malware variant called Autolycos, with a total of more than 3 million downloads before being removed from the app store after more than 6 months of operation.
Talking about Autolycos, Malwarebytes researcher Pieter Arntz said: “What’s new about this type of malicious application is that it no longer requires WebView. Not requiring a WebView greatly reduces the ability of the user to detect anomalies. Autolycos avoids WebView by executing the URL on the remote browser and then injecting the results into HTTP requests.”
In addition, the researchers also found apps on Google Play embedded with the Facestealer and Coper malware. Facestealer allows the person behind it to extract Facebook login information and authentication tokens. Coper is a descendant of the Exobot malware and acts as a banking trojan that can steal a variety of data. Two apps found to be infected with Facestealer and Coper are Vanilla Camera (cam.vanilla.snapp) and Unicc QR Scanner (com.qrdscannerratedx).
Experts recommend that users make sure to download apps from app stores and limit granting unnecessary permissions to apps. Users can verify legitimacy by checking developer information, reading reviews, and scrutinizing their privacy policies.
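The mismatch described above, between what an app claims to be and the permissions it requests, can be checked mechanically. The following is an added example, not code from the researchers or the original article: it parses the text output of the Android SDK's `aapt dump permissions` and flags sensitive permissions that the advertised category does not justify. The category baseline, the function names and the sample dump are assumptions constructed for illustration.

```python
import re

# Permissions matching the behaviour the article attributes to Joker:
# SMS access, placing calls, and harvesting contacts and device information.
SENSITIVE = {
    "android.permission.READ_SMS": "read SMS messages",
    "android.permission.RECEIVE_SMS": "intercept incoming SMS",
    "android.permission.SEND_SMS": "send SMS",
    "android.permission.CALL_PHONE": "place calls without user confirmation",
    "android.permission.READ_CONTACTS": "read contacts",
    "android.permission.READ_PHONE_STATE": "read phone state and device information",
}

# Assumed baseline (not from the article): the sensitive permissions each
# advertised category plausibly needs. Tune this to your own policy.
_P = "android.permission."
EXPECTED = {
    "sms": {_P + "READ_SMS", _P + "RECEIVE_SMS", _P + "SEND_SMS", _P + "READ_CONTACTS"},
    "photo_editor": set(),
    "blood_pressure_monitor": set(),
    "emoji_keyboard": set(),
    "translator": set(),
}

# Matches both aapt output styles: name='perm' and the older bare form.
PERM_RE = re.compile(r"^uses-permission(?:-sdk-\d+)?:\s*(?:name=')?([\w.]+)", re.M)


def requested_permissions(dump: str) -> set:
    """Extract permission names from `aapt dump permissions` text."""
    return set(PERM_RE.findall(dump))


def audit(category: str, dump: str) -> list:
    """Return sorted (permission, capability) pairs the category does not justify."""
    if category not in EXPECTED:
        raise ValueError(f"no baseline for category {category!r}")
    extra = (requested_permissions(dump) & SENSITIVE.keys()) - EXPECTED[category]
    return sorted((p, SENSITIVE[p]) for p in extra)


# Constructed sample: a hypothetical "photo editor" manifest dump.
SAMPLE_DUMP = """package: com.example.photoeditor
uses-permission: name='android.permission.INTERNET'
uses-permission: name='android.permission.READ_SMS'
uses-permission: name='android.permission.CALL_PHONE'
uses-permission: android.permission.READ_CONTACTS
"""

if __name__ == "__main__":
    for perm, why in audit("photo_editor", SAMPLE_DUMP):
        print(f"unexpected for category: {perm} ({why})")
```

A flagged permission is a reason to look closer at the app, not proof that it is malicious.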