Some Google Play apps are infiltrated with numerous malwares.
For those who are using an Android device all over the world, usually the Google Play Store will be the go-to location to download numerous apps of different kinds for different needs since it offers a wide plethora of options.
However, cybersecurity researchers from Zscaler, an IT security company, discovered that there are numerous malware families residing in the Play Store.
Zscaler's ThreatLabz found three malicious malware families in the Google Play apps. These malwares are named: Joker, Facestealer, and Coper.
Malwares Hidden on Google Play Apps
Security researchers in the field have uncovered three families of Android malware that have infiltrated and are spreading throughout the Google Play Store.
The group of malware is reported to be concealing its dangerous payloads among a large number of applications that appear to be harmless on the outside.
According to BleepingComputer, Android users who install these types of apps that contain malware will have a high possibility of being subjected to a variety of malicious cyberattacks.
These attacks might take form in different ways, such as data theft, the takeover of their social media accounts, the interception of their SMS communications, and the addition of exacerbated charges to their mobile numbers.
The malicious apps were swiftly deleted from the Google Play Store after the ThreatLabz team promptly informed the Google Android Security team of these newly found risks.
After Google was informed, the Google Android Security team took the necessary actions and subsequently removed all of those that had been reported.
The Joker Malware
The family of malware known as Joker is used to obtain data from devices that have been compromised. This data can include text messages, contact lists, and mobile numbers that can be subscribed to premium wireless application protocol (WAP) services.
There are over fifty distinct Joker apps that have been found on the Play Store by ThreatLabz. These applications have been downloaded more than 300,000 times. Some of these applications are categorized as:
Communication
Health
Personalization
Photography
Tools
According to data from Zscaler data, tools and communication apps were two of the most targeted types of apps. This accounts for the vast majority of programs infected by the Joker virus.
This seems reasonable for communication apps since they naturally demand users allow access to some rights and permissions.
The Facestealer Malware
Facestealer is a malware that steals Facebook accounts from unsuspecting users by concealing bogus login forms over the real ones seen in reputable apps.
After the user's smartphone has been infected, they will be required to log in to Facebook in order to continue using the app. After a successful login, the malware creator takes the opportunity to steal the credentials as well as the auth tokens.
The investigators discovered one program that concealed a particular family of malware in its source code. On the Google Play Store, the app is named "cam.vanilla.snapp." It has been reportedly downloaded around 5,000 times.
Coper Malware
Another type of malware found on the Play Store is Coper. This malware is capable of stealing information from the device once it has been infected. It is capable of hacking a device's SMS text messaging, sending malicious text messages, and much more.
This malware was discovered to be prominent in Australia, South America, and Europe, as it disguises itself as a banking app in Google Play.
The result of these activities ultimately leads to attackers gaining information and access that they can leverage to steal money from victims. According to Zscaler, the app they found that contained this malware is named "Unicc QR Scanner".
Related Article: iPhone Users are Urged to Remove These 84 Scam Apps