Android is an open-source operating system, which means that any developer can create applications (apps) for it. However, this feature is not only used by legitimate developers, but also by scammers.
This month alone, Google has managed to ban more than 9 mobile apps (including GG Voucher, Vote European Football, GG Coupon Ads, GG Voucher, Chatfuel, Net Coupon, EURO 2021, etc.) from its Play Store for being used to spread the Android malware FlyTrap, according to the report by Zimperium, a US-based cybersecurity firm.
The FlyTrap malware was used to attack Facebook users' accounts in order to obtain their personal information and use it for illegal activities such as hacking. However, according to the experts, these Google-banned apps can be installed on mobile devices running Android OS with the help of third-party apps and apk. The malware had already spread to more than 140 nations across the globe and affected over 10k victims since March this year.
Most of the affected victims were people using apps that offer coupon codes and voting apps for the best soccer player or goal or soccer club of the season etc. Some of these apps allow people to use Fan Tokens to participate in the above decisions.
Additionally, a recent report states that there are over 125 cryptocurrency apps that are fraudulent. As the number of people flocking to the cryptoasset mining sector grows, cybercriminals are taking advantage of this to hack, scam and steal from people by deploying malware and designing malicious Android apps that target digital currency users.
Recently, cybersecurity experts discovered about eight mobile apps that posed as cloud mining apps for virtual assets that allow users to earn cryptos. These nasty apps forced victims to view non-paying ads and pay additional fees for skyrocketing mining capabilities, expecting to make huge profits after a certain period of time, such as a month, which never happened.
Following the increasing complaints from victims and researchers, Google Play has since removed these nasty cryptoasset apps from the Store. Some of the apps that have been removed include: Daily BTC Rewards (cost about $6), Holic (people had to buy these apps for about $13), Bitcoin 2021, and many others.
According to the data from Trend Micro Mobile App Reputation Service (MARS), even though the above mobile apps have been deleted, there are still over 125 illegal digital currency mining apps used by victims, and most of these apps are detected as AndroidOS_FakeMinerPay and AndroidOS_FakeMinerAd.
In an effort to protect users from being exploited by criminals, Google and other cybersecurity teams like MARS have been trying to cover malware on Android and iOS using top sandboxes and machine learning.
Google also uses Google Play Protect, which scans apps when a user installs them. The app also periodically scans the smart device and when it detects a potentially malicious app, it usually sends a notification to the user to remove the app, it also disables the app until a user uninstalls it, and it can also remove the app automatically.
Generally, the Google Play Protect has been successful in many cases, however, every day the criminals change their attack tricks by creating features in an app that are hard to track and detect. And the fact that some of the fraudulent apps go unnoticed on Play Market makes it clear that there is a need for more effective tools.