Even the mildest Android apps on the Google Play Store can be dangerous as cybercriminals keep coming up with clever ways to bundle malware with popular apps.
In fact, a Study 2020 (Opens in a new tab) (PDF) from Norton Live Look I found it Two-thirds of Android malware It comes through Google Play. This makes sense because it is the largest official Android app store and comes pre-installed on Best Android Phones.
The infamous Joker malware has made headlines in the past but a new blog post (Opens in a new tab) From Kaspersky A similar malware strain called Harly, named after the DC villain’s girlfriend, has brought the spotlight out of the house again.
Since 2020, more than 190 harmful applications infected with Harly malware have been detected in the Play Store. While a conservative estimate of the number of times these bad apps have been downloaded is 4.8 million, the actual number may be higher.
Joker Malware vs. Harly Malware
exactly like Joker MalwareHowever, cybercriminals using Harly malware to infect Android devices download regular apps from the Play Store, insert malicious code in them and then upload these new apps under a different name.
Since the changed apps now still have the features listed on their Play Store pages, most users don’t suspect anything.
Applications containing the Joker malware use multi-stage downloaders to receive their malicious payloads from attacker-controlled command and control (C&C) servers. With the Harly malware, the apps themselves contain the entire malicious payload and use different methods to decrypt and run them.
Victims register for subscription services
Although Joker and Harly operate slightly differently under the hood, the two malware strains are used to unknowingly log users whose devices have been infected with expensive subscription services.
Once installed, Harly collects information about the user’s device as well as details about the mobile network they are using. The phone then switches from Wi-Fi to a mobile network and the malware connects to a C&C server to compile a list of subscriptions to sign up for.
From here, Harly opens the subscription sites in an invisible window, enters the victim’s phone number, presses the required button, and even enters any confirmation codes sent via text. The end result is that the victim has subscribed to the subscription service without even realizing it.
Surprisingly, Harly is even able to call specific phone numbers when necessary and confirm subscriptions.
How to stay safe from malicious Android apps
Despite the efforts of Google, malicious apps They often end up in the Play Store. That’s why you should carefully check the reviews and ratings for every app you download. Since reviews on the Play Store can be faked, it is also worth checking online to find written or video reviews of any app you are considering installing on your Android phone.
Likewise, you should make sure that google play for protection It is enabled on your device and it scans all your apps as well as new ones for any signs of malware. For additional protection, you may want to install one of the Best antivirus apps for Android like that.
Just like anything else you download online, you have to be careful when adding new apps to your devices. Before installing a simple flashlight, address book, or translation app, it’s always a good idea to ask yourself if you really need this app in the first place.
#Move #Joker #Harly #malware #infects #millions #Android #phones