Bitdefender warns {that a} main advert fraud marketing campaign within the Google Play Retailer resulted in additional than 60 million downloads of malicious apps.
The attackers managed to put not less than 331 malicious apps within the Play Retailer. Along with displaying full-screen adverts, among the apps additionally directed customers to phishing websites designed to reap their credentials.
“Most functions first turned energetic on Google Play in Q3 2024,” Bitdefender says. “After additional evaluation, we noticed that older ones that had been printed earlier had been initially benign and didn’t include malware elements. The malicious habits was added afterward, beginning with variations from the start of Q3.
To be clear, that is an energetic marketing campaign. The most recent malware printed within the Google Play Retailer went dwell within the first week of March, 2025. After we completed the investigation, every week later, 15 functions had been nonetheless accessible for obtain on Google Play.”
The apps posed as well-liked utility providers, similar to QR scanners, price range planners, well being apps, and plenty of others.
“One solution to hold a malicious app hidden from the person is to cover the icon – a habits that’s not allowed within the Android OS,” the researchers write. “We discover that attackers used a number of approaches to resolve this drawback. The most well-liked and fascinating one can also be probably probably the most environment friendly.
The app comes with the Launcher Exercise (e.g., that the person sees and clicks on) disabled by default. Afterwards, by abusing the startup mechanism supplied by the content material supplier, the samples use native code to allow the launcher, which is probably going carried out as a further method to evade detection.”
KnowBe4 empowers your workforce to make smarter safety choices day by day. Over 70,000 organizations worldwide belief the KnowBe4 platform to strengthen their safety tradition and cut back human threat.
Bitdefender has the story.
