Categories
Tech

Dangerous Android Apps on Google Play Store Can Steal Your Money

Android is the most popular mobile OS for smartphones, but that doesn’t mean that every app which is compatible with Android is safe. Even more concerning is that there are some dangerous Android apps on Google Play Store that can steal your money, according to a recent ESET report.

As reported by ESET, several cybercriminals managed to bypass Google Play Store’s security measures and upload dozens of apps packed with malware that can steal your money on Google’s Android apps store. According to ESET, these apps come as device cleaners, horoscope apps, and battery optimizers.

What more concerning regarding these malicious apps is that they are designed to send and receive SMS to and from the infected smartphones, which can bypass the two-factor authentication methods and grant access for the cybercriminals to internet banking apps or other private applications. Besides, the infected apps can download additional programs and ‘clone’ any other application that is already installed on the infected smartphones.

Dangerous Android Apps on Google Play Store Can Steal Your Money

“Fortunately, these particular banking Trojans do not employ advanced tricks to ensure their persistence on affected devices. Therefore, if you suspect you have installed any of these apps, you can simply uninstall them under Settings > (General) > Application manager/Apps,” ESET stated.

“We also advise you to check your bank account for suspicious transactions and consider changing your internet banking password/PIN code,” the IT security experts of ESET added.

According to ESET, we can avoid installing such malicious apps by only downloading Play Protect-verified apps from Google Play Store, having a trustworthy anti-malware software up and running on our devices, and always installing the latest Android security patches as soon as they roll out. In addition to all that, we shouldn’t install suspicious applications, including horoscope apps, unknown device cleaners, or low-profile battery optimizers, and we must only rely on apps with plenty of reviews and from trustworthy developers.

Categories
Crypto Tech

Android Cryptocurrency Mining Malware Is Affecting Amazon Fire Devices

An Android cryptocurrency mining malware is infecting the Amazon Fire devices, such as Amazon Fire TVs. This Android malware is part of Android ADB, and it spreads to different devices, slowing them down as it uses their computing resources to mine cryptos.

This Android malware has begun to affect Amazon Fire and Fire TV Stick devices, which are compatible with TV services from Amazon and other providers and use a version of Android on their Fire OS operating system, as the AFTVnews portal has warned.

This version of cryptocurrency mining malware installs automatically on Amazon Fire TV devices with Fire OS 6 or earlier in an application called Test accompanied by the package named “com.google.time.timer.” Several users of these devices have reported this problem over the past year through forums.

After installation, this Android cryptocurrency mining malware can spread to other associated devices, slowing down their operation and occasionally forcing applications to stop.

An Android cryptocurrency mining malware is affecting Amazon Fire devices

The discoverers of this malware suggest that it was spread through ‘apps’ allowing access to watch pirated movies, although its origin has not been identified precisely.

While this Android cryptocurrency malware is up and running, all the computing power of the device’s processor will be used to mine cryptocurrency, which explains why the infected devices are getting laggy and slower.

It is believed that the malware was first installed as a result of an application downloaded by sideloading.

In order to prevent the spread of this Android cryptocurrency mining malware, the specialists recommended users turn off ADB debugging and applications from unknown sites under “Settings” sections on your Amazon Fire TV. If a device has contracted this Android malware, the only solution to get rid of it is to return your device to its factory settings, according to AFTVnews.

Categories
News Tech

Android Malware Found In Low Cost Phones

In December 2016, the Russian antivirus vendor, Dr. Web, revealed that various mobile carriers had been infected with malware. Dr. Web helped with finding malware in at least 26 low-cost Android smartphones and tablets and it followed a period of no such incidents. However, the incident is still happening and expanding today.

Difficulty in finding the culprit

Avast, a cyber-security firm, is having a difficult time tracking the moment when the malware is inserted in devices because there are too many affected ones. The criminal operation infects a device the second it has the opportunity to access its firmware. But Avast did manage to take down the group’s command-and-control server, but they simply infected another hosting provider until the domain registrar discredited their domain name.

The only common element found in infected devices in over 90 countries is that they all have a Mediatek chipset. However, if Mediatek was the culprit, how come just a handful of devices for a specific model harbour the malware and not all of them? It wouldn’t make sense.

More signs of malware infection

Avast released a report on May 25th mentioning that the group has continued their operation. As in Dr. Web’s reports, the malware hasn’t been updated and operates in the same way. Avast published a list of over 140 Android tablets and smartphones which have Casiloon, the group’s malware. However, there are times when the malware won’t download – when the public IP is from a Chinese IP range, the language is set to Chinese and when the apps installed internally are more than three. Avast hasn’t been able to confirm that avoiding Chinese users because of law enforcement attention is the reason for the group’s strange activity.

The group seems to be interested in generating revenues only through ads. In almost all cases, ads are displayed on the Android interface itself or on top of other apps. The malware runs from the “/system” folder to connect to a remote server, downloads an XML file and then grabs any app the group choses and installs it without any user influence.

Exit mobile version