Cyberattacks are increasingly orchestrated in official mobile app stores. Being completely free software, Android has experienced several risk situations in which user data has been compromised and, apparently, cyber attackers are taking advantage of security holes in the Google Play Store to introduce their malware programs. in various applications. Hundreds of them have already been detected and experts have offered advice on how to protect yourself.
In a world in which applications are our daily bread, since we must download them to take advantage of our smartphones and have the need to use them for pure entertainment or to perform our daily tasks, organizations coexist that try to put all of our resources at risk. data with the sole objective of obtaining good loot.
In this area, Android is one of the most affected operating systems, since reports from researchers have already reported hundreds of applications that have been infected in the official Google Play Store between June 2023 and April 2024.
Although large companies have a fairly reinforced cybersecurity defense wall, they are not exempt from possible cyber attacks that occur constantly throughout the year. Without going any further, threat intelligence researchers Zscaler have described that since the beginning of this year more than 90 malicious applications from the Play Store have been downloaded, with a total of 5.5 million downloads.
Main threats
The same report reflects that for several months a set of malware families were identified that acted aggressively against the privacy of Android users. Most of them were discovered in the tools, personalization, photography, productivity and lifestyle categories:
- Joker: covers 38.2% of the applications investigated and is responsible for capturing information and SMS messages that subscribe its victims to premium services.
- Adware: accounts for 35.9% of the total and is based on applications that consume Internet bandwidth and battery due to the introduction of fraudulent advertisements.
- Facestealer: represents 14.7% and thieves are responsible for stealing Facebook account credentials through the use of phishing, with forms on legitimate social media applications.
- Coper: Used in 3.7% of applications and also acts as an SMS message interceptor and phishing page launcher.
- Loanly Installer: reaches 2.3% and is another of the dangerous viruses that extracts your information.
- Harly – A Trojan introduced into 1.4% of Play Store tools that is also used for premium subscriptions.
- Anatsa: Affects 0.9% and attacks more than 650 banking applications worldwide.
However, although they tend to be the most common, there are others that are very forceful and harmful, such as the case of the Necro malware loader for Android, which was downloaded 11 million times, the Goldoson malware, which was found in 60 official applications with a total of 100 million downloads, or that of SpyLoan, which last year was found in Google Play applications with 12 million downloads.
How to avoid the installation of malicious applications?
To know the recommendations for firmly avoiding the installation of malware in the Google Play Store, you must first carefully read the reviews written by other users to see the problems that are usually reported before you start downloading anything. Next, many applications will ask you to verify the installation permissions, so it may be time to cancel the process if you notice that these requirements are highly dubious.
Be that as it may, the Zscaler reports have set off alarm bells and Google has already set to work to calm the community and release a statement explaining that the malicious versions of the applications identified with malware have been eliminated, so that your confidential information is safe.
“Android users are automatically protected against known versions of the malware mentioned in this report using Google Play Protect, which is enabled by default on Android devices with Google Play Services. “Google Play Protect can warn users or block apps that are known to exhibit malicious behavior, even when they come from sources outside of the Play Store.”
