Antiviruses Downloaded Thousands Of Times From The Google Play Store Steal Users’ Information.
Fake Antivirus, too much malware in the Play Store; Google no longer needs to scare users away from app downloads. According to the latest research, six other applications were detected that replaced the Antivirus and stole users’ account information. Fortunately, these items have been discovered and removed from the Google App Store.
According to Techspot and security researchers at Checkpoint, they downloaded these six apps more than 15,000 times before being removed by Google. While users thought they were downloading mobile Antivirus, they injected malware into their devices to steal information.
But how do fake Antivirus work? When a person enters their username and password, the details are sent to a malicious server and used to access accounts such as banks, social media, emails, and more.
Most of the victims were reportedly from Britain and Italy.
Interestingly, the malware used Geofence to identify and ignore users in China, India, Romania, Russia, Ukraine, and Belarus.
The various behaviors of such apps are not activated and are not detectable until the victim has downloaded the malware and communicated with the server; This is why most of them can easily bypass the Google Play protection layers.
Just two weeks ago, researchers at the French security company Pradeo revealed that an application called Craftsart Cartoon Photo Tools contained a version of the Android malware called Facestealer. The app was more than 100,000 times before being removed from Google Play.