Despite Google’s efforts, its Android Play Store is still a hotbed for all sorts of malware. Even if the app store is carefully watched, moderators can’t always detect these apps before they’re released, though they’ll try to remove the threat as soon as possible. However, a Trojan has been hiding in the Play Store since at least 2020.
Estimates are that about 200 apps would be infected and the sum of downloads of those applications rise to at least 4.8 million, although this is a low estimate, so the real number could be much higher than anyone. suspicion.
This is the Trojan Harly
Starting with its name, it is a variation of the Jocker Trojan, probably with similar origins to this, which is why it has been given the name Harly as a slightly altered form of Harley Quinn, partner of the Joker.
Like the Jocker Trojan, the Harly family Trojans imitate legitimate applications. Cybercriminals download ordinary apps from Google Play, insert malicious code into them, and then upload them to Google Play under a different name. Applications may still have the features listed in the description and function normally as expected, so users may not even suspect a threat.
What makes these apps even risky to use is that they provide all the functionality a user would expect, so you may not even know you’re a Trojan victim before it’s too late.
One thing that sets Harly apart from other members of the Jocker malware family is that it does not have a multi-stage downloader. Instead, this Trojan places the entire payload inside a single application and then decrypts it using a variety of methods. This just goes to show how important it is for users to be aware of the dangers of downloading low-quality apps. It’s best to thoroughly research apps before downloading them to make sure they’re safe and don’t contain any malware.
How to protect yourself from this Trojan
Official app stores continually fight against the spread of malware, but as we see, they are not always successful. Before installing an app, you should first read user reviews and check its rating on Google Play. Of course, keep in mind that reviews and ratings may be inflated, but they can provide enough information to make you suspicious. Trust developers with multiple projects in the store and good overall reviews first, which adds a degree of trust.
To cover all possible security gaps and avoid falling victim to this type of malware, it is recommended that you install a reliable security solution that can prevent and cure in case of infection by this or another Trojan.