A set of four Android apps released by the same developer has been discovered directing victims to malicious websites as part of an adware and information-stealing campaign.

The apps, published by a developer named Mobile apps Group and currently available on the Play Store, have been collectively downloaded over one million times.

According to Malwarebytes, the websites are designed to generate revenues through pay-per-click ads, and worse, prompt users to install cleaner apps on their phones with the goal of deploying additional malware.

The list of apps is as follows –

  • Bluetooth App Sender (com.bluetooth.share.app) – 50,000+ downloads
  • Bluetooth Auto Connect (com.bluetooth.autoconnect.anybtdevices) – 1,000,000+ downloads
  • Driver: Bluetooth, Wi-Fi, USB (com.driver.finder.bluetooth.wifi.usb) – 10,000+ downloads
  • Mobile transfer: smart switch (com.mobile.faster.transfer.smart.switch) – 1,000+ downloads
Malware Android Apps

It’s no surprise that malicious apps have devised new ways to get past Google Play Store security protections. One of the more popular tactics adopted by threat actors is to introduce time-based delays to conceal their malicious behavior.

Malwarebytes’ analysis found the apps to have an approximately four-day waiting period before opening the first phishing site in Chrome browser, and then proceeding to launch more tabs every two hours.


The apps are part of a broader malware operation called HiddenAds, which has been active since at least June 2019 and has a track record of illicitly earning revenues by redirecting users to advertisements.

The findings also come as researchers from Guardio Labs disclosed details of a malvertising campaign dubbed Dormant Colors that leverages rogue Google Chrome and Microsoft Edge extensions to hijack user search queries to an actor-controlled domain.


Products You May Like

Articles You May Like

Elon Musk to Grant ‘Amnesty’ to Banned Twitter Accounts
Trump loses bid to avoid handing over tax returns
Jason Eady and Adam Hood Hold Onto Hope in ‘Broke Not Broken’
Amazon Workers Walk Off the Job on the Biggest Shopping Day of the Year
Charles Kelley Shares New Song That’s a Goodbye Letter to Alcohol

Leave a Reply

Your email address will not be published.