On the official Android store, security researchers have seen a growing flood of trojans. The majority of trojan-infected apps are utilised in various scams that result in financial losses or the theft of sensitive personal information.
The Trojan swarm
The malicious apps are advertised as bitcoin software installation, Gasprom investment copies, welfare support aid tools, an iOS launcher (styled after iOS 15), and photo editors, according to a recent study by Dr. Web.
Most phoney investment apps require victims to register a new account and deposit funds for trading, with the funds finally being transferred to the scammer’s bank account.
Some apps charge $2 to remove advertisements.
Using Wap Click technology, additional apps load partner service websites and register victims for paid subscriptions.
Trojans discovered
SecretVideoRecorder, FakeAntiVirus, KeyStroke, WapSniff, FreeAndroidSpy, SilentInstaller, Loic, AdPush, SspSdk, Myteam, Adpush, and PWS are among the malicious apps discovered.
Facebook virus, for example.
Top Navigation, one of the apps, is available for download on the Play Store and has over 500,000 downloads.
Unofficial WhatsApp mods presented the greatest threat of all the apps.
WhatsApp add-ons
Some programmes, such as OBWhatsApp, GBWhatsApp, and WhatsApp Plus, appear to be WhatsApp versions.
Malicious websites are used to disseminate these apps, which are promoted through social network posts, forums, and SEO poisoning.
These mods are popular because they include features like Arabic language support, home screen widgets, and other functionality that WhatsApp lacks.
These trojanized apps come with integrated malware that uses the Flurry stat service to try to steal alerts from the Samsung Galaxy Store and Google Play Store.
Conclusion
Since January, people have been tricked into downloading trojanized software. As a result, Android users should avoid downloading APKs from unknown sources, read user reviews, and keep track of the app’s permission requests.