These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites

Technology

A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and information-stealing campaign.

The apps, published by a developer named Mobile apps Group and currently available on the Play Store, have been collectively downloaded over one million times.

According to Malwarebytes, the websites are designed to generate revenues through pay-per-click ads, and worse, prompt users to install cleaner apps on their phones with the goal of deploying additional malware.

The list of apps is as follows –

  • Bluetooth App Sender (com.bluetooth.share.app) – 50,000+ downloads
  • Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices) – 1,000,000+ downloads
  • Driver: Bluetooth, Wi-Fi, USB (com.driver.finder.bluetooth.wifi.usb) – 10,000+ downloads
  • Mobile transfer: smart switch (com.mobile.faster.transfer.smart.switch) – 1,000+ downloads
Malware Android Apps

It’s no surprise that malicious apps have devised new ways to get past Google Play Store security protections. One of the more popular tactics adopted by threat actors is to introduce time-based delays to conceal their malicious behavior.

Malwarebytes’ analysis found the apps to have an approximately four-day waiting period before opening the first phishing site in Chrome browser, and then proceeding to launch more tabs every two hours.

CyberSecurity

The apps are part of a broader malware operation called HiddenAds, which has been active since at least June 2019 and has a track record of illicitly earning revenues by redirecting users to advertisements.

The findings also come as researchers from Guardio Labs disclosed details of a malvertising campaign dubbed Dormant Colors that leverages rogue Google Chrome and Microsoft Edge extensions to hijack user search queries to an actor-controlled domain.

Products You May Like

Articles You May Like

Lebanon had ‘no say in the decision to go to war,’ foreign minister says
Thieves possibly using drones in series of burglaries in Santa Clarita community – NBC Los Angeles
Police arrest assistant principal accused of molesting students in Ventura County – NBC Los Angeles
Den of Geek Hosts Historic Live Charity Auction at Big Apple Con Featuring Rare Comics and Special Guests
Ten and Rose, Amy and Rory, More