20 Best EMEA App Development Agencies (2025)



malicious apps app play store :: Article Creator

Malicious Play Store Apps Put 8 Million Android Users At Risk

NEWYou can now listen to Fox News articles!

Malicious apps are pretty common, and it's easy to accidentally download them if you're not cautious. You'll often find these apps on third-party app stores, shady websites, or through suspicious emails and texts. What you wouldn't expect is to encounter them on the Google Play Store if you're an Android user or the App Store if you're on iPhone. 

While Apple does a great job of keeping its app marketplace safe, Google doesn't quite measure up.

A new report has revealed that over a dozen malicious apps containing SpyLoan malware have been available on the Play Store. These apps have been downloaded by 8 million Android users, putting them at risk of extortion, harassment and financial loss. Below are images of four of the SpyLoan apps found on Google Play.

GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT'S NEWSLETTER – THE CYBERGUY REPORT HERE

Images of four of the SpyLoan apps found on Google Play (McAfee)

What is SpyLoan malware?

SpyLoan is malware often hidden in apps that promise instant loans. These apps reel people in with offers of quick, hassle-free loans, boasting low rates and hardly any requirements. While they might look legit at first glance, their real goal is to gather as much personal info as they can. 

Once they have it, they use it to harass or pressure users into paying ridiculous interest rates. They also use shady tactics like countdown timers or "limited-time" offers to create a fake sense of urgency, pushing people to act fast without thinking it through. Instead of helping with finances, these apps trap users in a cycle of debt and invade their privacy.

McAfee's mobile research team has uncovered 15 apps on the Google Play Store packed with SpyLoan malware. These apps use the same code and systems, targeting users worldwide to steal data and send it to command-and-control (C2) servers. Many of them hide behind fake names and logos that mimic legitimate financial institutions, making them look trustworthy at first glance. You can find the names of these apps in the screenshot added below.

WHAT IS ARTIFICIAL INTELLIGENCE (AI)?

Fifteen apps on the Google Play Store packed with SpyLoan malware (McAfee)

McAfee, an App Defense Alliance partner tasked with helping keep the Play Store safe, reported the apps to Google. Google took action, and the malicious versions of the apps are no longer available on Google Play. 

We reached out to Google, and a rep confirmed that Android users are automatically protected against known versions of this malware by Google Play Protect. However, it is important to note that Google Play Protect may not be enough. Historically, it isn't 100% foolproof at removing all known malware from Android devices.

ANDROID BANKING TROJAN EVOLVES TO EVADE DETECTION AND STRIKE GLOBALLY

How do these predatory apps work?

The goal of these malicious apps is to gather as much data as possible from infected devices, which they then use to extort users. Victims are often coerced into repaying loans at sky-high interest rates, with some even being threatened for delays. In extreme cases, the app operators have harassed victims' families and sent death threats, using stolen personal photos as leverage.

These apps request intrusive permissions, giving them access to system data, cameras, call logs, contacts, location, and SMS messages. They justify this data collection by claiming it's necessary for user verification and anti-fraud measures. 

Users signing up for these services are verified through a one-time password (OTP) to confirm their phone number is from the target region. They are also pressured to share additional details like ID documents, bank accounts, and employment information.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

A woman holding an Android phone (Kurt "CyberGuy" Knutsson)

ANDROID BANKING TROJAN MASQUERADES AS GOOGLE PLAY TO STEAL YOUR DATA

4 ways to protect yourself from SpyLoan malware

1. Have strong antivirus software: Android has its own built-in malware protection called Play Protect, but the SpyLoan malware proves it's not enough. Historically, Play Protect hasn't been 100% foolproof at removing all known malware from Android phones. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.

2. Download apps from reliable sources: It's important to download apps only from trusted sources like the Google Play Store. You might say I am contradicting myself, but the Play Store is still safer than other options out there. They have strict checks to prevent malware and other harmful software. However, even with the security measures provided by Google Play, downloading apps from the store does not guarantee 100% protection against malware or harmful software. Avoid downloading apps from unknown websites or unofficial stores, as they can pose a higher risk to your personal data and device. Never trust download links that you get through SMS.

3. Be cautious with app permissions: Always review the permissions requested by apps before installation. If an app requests access to features that seem unnecessary for its function, it could be a sign of malicious intent. Do not give any app Accessibility permissions unless you really need to. Avoid granting permissions that could compromise your personal data.

4. Take loans from legit institutions: Always take loans from legitimate financial institutions like banks or well-known lenders. Avoid sketchy apps or services promising instant cash with minimal requirements. They're often too good to be true. Legit lenders are transparent about their terms, interest rates, and fees, and they won't demand access to your personal data or pressure you with scare tactics. If you're unsure about a lender, check reviews, verify their credentials, or consult a financial advisor before committing.

THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION

Kurt's key takeaway

It can be tempting to use apps that promise instant loans, especially when you need the money. But they're often just trying to scam you and push you into a never-ending debt cycle. If you need a loan, go to a trusted bank or lender. Protecting yourself from malicious apps like those infected with SpyLoan malware starts with staying informed and cautious. Always scrutinize the apps you download, stick to trusted platforms, and think twice before sharing sensitive information.

CLICK HERE TO GET THE FOX NEWS APP

Do you think Google does enough to protect users from malware on the Play Store? Let us know by writing us at Cyberguy.Com/Contact.

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.Com/Newsletter.

Ask Kurt a question or let us know what stories you'd like us to cover.

Follow Kurt on his social channels:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.Com. All rights reserved.

Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt's free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.Com.


The Two Apps On Google Play Store That Are Putting Millions Of Android Users At Risk

NEWYou can now listen to Fox News articles!

In some unfortunate news, the Google Play Store has unveiled yet another mischievous duo hiding in its digital realm. A leading cybersecurity company called Pradeo was the one to make the discovery. After detecting this illicit behavior, Pradeo immediately alerted Google, and the apps were removed from Google Play. Researchers at Pradeo found that two malicious apps contained spyware and have been secretly sending Android users' private data to servers in China. Here's what we know so far and what you can do if you have these apps downloaded to your device.

CLICK TO GET KURT'S FREE CYBERGUY NEWSLETTER WITH SECURITY ALERTS, QUICK TIPS, TECH REVIEWS AND EASY HOW-TO'S TO MAKE YOU SMARTER

What are these apps, and what did they do?

The two apps were posing as file management tools and had collectively amassed over 1.5 million downloads. The two apps are called File Recovery & Data Recovery and File Manager, both from the same developer. Each app was meant to be a way for Android users to help organize files and data on their phones. Both of the apps also stated that no data collection occurs under their watch.

THIS QUICK TRICK LETS YOU COPY TEXT FROM ANY IMAGE IN SECONDS

Two apps masquerading as file file management tools were being downloaded on the Google Play store and have stolen data from many Android users. (CyberGuy.Com)

 Credit: Pradeo

What did these malicious apps collect and share with China?

The Pradeo report found that these apps actually collected reams of private user information and shared it with China without people's knowledge, including contact lists, media files, real-time locations, mobile country codes, network provider details, SIM provider network codes, operating system versions, device brands, and models.

COULD A CHUNK OF THIS $37.5M FACEBOOK SETTLEMENT BELONG TO YOU?

The deceptive tactics of the hackers behind the two apps

The hackers behind these apps also made it look like they were trustworthy by using install farms to artificially inflate the number of downloads they had.  By inflating the download count, they create an illusion of trustworthiness, making potential victims more likely to install their apps. Plus, each app also had advanced permissions to allow them to hide their icons on an Android Home Screen, so it's more difficult to uninstall them. This further aids the hackers in maintaining their presence on a victim's device, increasing the potential for unauthorized access or malicious activities.

MORE: MALICIOUS ANDROID SPYWARE DETECTED IN OVER 100 POPULAR APPS

Google's response to the apps on the Google Play Store

We reached out to Google for a comment about the two malicious apps that were discovered on the Google Play Store, and a Google spokesperson had this to say:

"These apps have been removed from Google Play. Google Play Protect protects users from apps known to contain this malware on Android devices with Google Play Services, even when those apps come from other sources outside of Play."

DON'T PANIC: HERE'S WHAT TO DO IF APPLE THREATENS TO DELETE YOUR IPHONE PHOTOS

What if I have these apps on my Android?

You can remove the apps yourself, but Google Play Protect, which is built-in malware protection for Android devices, automatically removes known malware. However, it is important to note that Google Play Protect may not be enough. Historically, it isn't 100% foolproof at removing all known malware from Android devices. 

Have antivirus software on all your devices 

Keeping hackers out of your devices can be prevented if you have good antivirus software installed. Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware on your devices, allowing hackers to gain access to your personal information. Plus, it's designed to tell you when there is already malware on your device so that you can immediately work towards getting rid of it. 

See my expert review of the best antivirus protection for your Windows, Mac, Android & iOS devices by heading to Cyberguy.Com/LockUpYourTech.

HOW HACKERS ARE NOW TARGETING YOUR VOICE AND HOW TO PROTECT YOURSELF

File Manager is an app that sent Android users info to servers in China. (CyberGuy.Com)

 Credit: Pradeo

How to uninstall an app on your Android

Settings may vary depending on your Android phone's manufacturer 

  • Go to your Settings app
  • Tap Apps & notifications or just Apps
  • Tap See all apps
  • Scroll down and find the app you want to uninstall
  • Tap the app and then tap Uninstall
  • Hit Ok

    • MORE: ANDROID USERS AT RISK AS BANKING TROJAN TARGETS MORE APPS 

    How can I avoid this from happening in the future?

    Before downloading a new app to your phone, you should always be careful even if it's from a legit source like the Google Play Store or the App Store. 

    Read the reviews and privacy policies

    This is one of the most important steps you can take before downloading an app. You want to make sure that you understand exactly what kind of permissions an app has before giving over your personal information, and make sure you're also thoroughly reading reviews. Look for specificity in those reviews because sometimes hackers will post generic, fake reviews to make an app look legit when it's not. It also wouldn't hurt to do some research on the app developer to see if they're legit.

    Be skeptical of app clones

    Sometimes, cybercriminals create fake or cloned versions of popular apps to trick you into downloading malware. Pay attention to app names, developer names, and reviews to ensure you're downloading the legitimate version.

    Trust your instincts

    If something feels off about an app, trust your gut instincts. If an app seems suspicious, has poor reviews, or exhibits unexpected behavior, it's best to err on the side of caution and avoid downloading or using it.

    HOW TO HIDE PHOTOS ON YOUR IPHONE AND ANDROID FROM SNOOPS

    Kurt's key takeaways

    Unfortunately, these hackers successfully trick innocent people into downloading these malicious apps, which is why we always have to stay vigilant and research everything before we download an app to our phones and tablets. Let's keep our guard up and remember that a few moments of precautionary research can save us from the endless headaches caused by these cunning hackers and their nefarious apps.

    CLICK HERE TO GET THE FOX NEWS APP

    What more could app stores be doing to prevent malicious apps like these from sending our private data to foreign countries like China? Let us know by writing us at Cyberguy.Com/Contact

    For more of my security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.Com/Newsletter

    Copyright 2023 CyberGuy.Com.  All rights reserved.

    Kurt "CyberGuy" Knutsson is an award-winning tech journalist who has a deep love of technology, gear and gadgets that make life better with his contributions for Fox News & FOX Business beginning mornings on "FOX & Friends." Got a tech question? Get Kurt's free CyberGuy Newsletter, share your voice, a story idea or comment at CyberGuy.Com.


    Malicious App Developer Remains On Google Play Despite Being Cited Multiple Times For Malware

    Google is still failing to catch malicious apps from being listed on its app store, but it seems that some developers that have been cited aren't even being kicked off the platform. Security software company Malwarebytes reported Tuesday that four apps listed by developer Mobile apps Group contain a well-known malware used to steal users' information. As of the time of reporting, all four apps are still listed on Google Play Store.

    Worse still, Malwarebytes wrote that the developer in question has been found deploying malware in its apps before, yet they're still able to list their apps on Google's main app store.

    The apps are listed by the company Mobile apps Group, whose listing on Play Store includes the tagline "Using the smart app, you guarantee a strong and reliable Bluetooth pairing with any device." The apps include:

    Bluetooth Auto Connect

    Driver: Bluetooth Wi-Fi, USB

    Bluetooth App Sender

    Mobile transfer: smart switch

    As of time of reporting Wednesday morning, the developer's malware-containing apps were still available on Play Store.As of time of reporting Wednesday morning, the developer's malware-containing apps were still available on Play Store. Screenshot: Kyle Barr/Gizmodo

    Nathan Collier, a malware intelligence analyst for Malwarebytes, wrote that when users first install Bluetooth Auto Connect, there's a several-day delay before it starts opening phishing sites in Chrome. These sites run in the background even if a device is locked and open automatically when users unlock their phones. These phishing sites reportedly include porn sites that lead to phishing pages or other sites that spam users with messages that they've been hacked and need to perform an update.

    Mobile apps group has been cited twice in the past for listing malware-infected apps, according to Collier. Other cybersecurity researchers have bloggedabout an earlier version of Bluetooth Auto Connect. Two days after that blog and subsequent delisting, the developers released a 3.0 version on Google Play, which means those malicious devs did not even receive a probation period. The devs released the current 5.7 version of the app last December, meaning that the malware has potentially remained for close to a year.

    Google did not immediately respond to Gizmodo's request for comment. Google has a stated policy against any app that includes malware of any type, and the system claims it warns users if it detects a violation of its malware policy.

    Collier wrote that first log entry from the malware called Android/Trojan.HiddenAds.TBGTHB is recorded a few hours after he installed the app, though the time before it installs varies between the different apps.

    There have been loads of other high-profile malicious app scandals on Google Play, including one Muslim prayer app that was harvesting users' phone numbers. Last year, Google booted nine other apps from its store after researchers found they used malware to steal users' Facebook logins.

    Delaying malware infiltration is a common way that bad actors get around app store filters, Collier wrote. It remains unclear why Google was unable to detect these apps, but another recent report from cybersecurity company Bitdefender noted there were 35 other malicious apps being listed on Play Store that have racked up over 2 million downloads in total. That August report noted that once these apps are installed they rename themselves and change their app icon in order to confuse users and avoid detection. An even earlier report from July by Dr. Web noted a few dozen other malware-infected apps were modifications to known malware.

    Google Play Protect is the company's built-in malware defense program, and according to its own page it scans over 100 billion apps on Google Play every day. But researchers have previously noted that it so routinely fails at catching malware, ranking last among other security apps in 2021 tests by IT security researchers at AV Test.





    Comments

    Post a Comment

    Popular posts from this blog

    ZLUDA v2 Released For Drop-In CUDA On Intel Graphics - Phoronix

    Image
    One of many interesting and original open-source projects to be started in 2020 was ZLUDA, an open-spurce drop-in CUDA implementation for Intel graphics. ZLUDA - developed independent of Intel and NVIDIA - is built atop Intel's oneAPI Level Zero interface (hence the name, ZLUDA) and allows for unmodified CUDA applications to run on Intel UHD/Xe Graphics hardware with near-native performance. Well, that's the goal at least but with the initial ZLUDA release were a number of support limitations. Out today is ZLUDA Version 2 that has been focused on ensuring it works well with the Geekbench CUDA test cases as an interesting stressor for CUDA on Intel graphics. Additionally, the Microsoft Windows support for ZLUDA has been improved while continuing to provide first-rate Linux support. ZLUDA Version 2 implements more host-side functions, a number of bugs have been fixed, I/O performance improvements, support for creating traces of CUDA kernel executions, and other enhancements for...
    Read more

    7 Ways to Remove an External USB Drive in Windows 11 - MUO - MakeUseOf

    Image
    Many users utilize USB flash drives (sticks) to store files and transfer them between PCs. Of course, you can always remove such drives from USB ports without ejecting them first. However, you might corrupt data on your USB stick if you don't safely remove it. To forestall potential file corruption, you should eject USB sticks and external hard drives. There are numerous ways you can select to eject a USB flash drive before removing it. Here are several alternative methods for safely removing USB drives on Windows 11 PCs. 1. How to Eject an External USB Drive via the System Tray Windows 11's system tray displays a Safely Remove Hardware and Eject Media icon whenever you've inserted a USB stick or other external hard drive. Right-click that icon to open a context menu for it, which includes an Eject option. Select the Eject option there, and proceed to remove the drive when the Safely Remove Hardware icon has disappeared. ...
    Read more

    Google chrome crashed and now laptop is running very slowly. Malware? - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

    Image
    Hello, My Huawei laptop is not very old and has been working perfectly until yesterday. Google Chrome crashed and now it takes longer to start up, and neither chrome or Microsoft edge work properly (very slow and keep buffering). My avast anti virus has not found anything when I scanned, but I can't think what else the problem can be. I tried some of the steps in the post about a slow computer not being a malware problem but nothing changed, and since I don't have very much installed on my laptop I don't think it can be a problem with memory. Any help in fixing this would be very much appreciated. I have attached my log here; Rachel Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-04-2022 Ran by Rachel (administrator) on LAPTOP-AJP0U36V (HUAWEI BOHB-WAX9) (17-04-2022 16:11:18) Running from C:\Users\Rachel\Downloads Loaded Profiles: Rachel Platform: Microsoft Windows 10 Home Single Language Version 21H2 19044.1645 (X64) Language: ...
    Read more