These Android Apps In Google Play Infected 2M Devices With Malware, Delete ASAP
The apps above are shells for a module that receives commands through Firebase Cloud Messaging and proceeds to display ads by loading websites in the browser.
Another highlighted app is called Tubebox, in which users can seemingly make money by watching videos and ads. User are promised coins or coupons that could be converted into real currency that can be withdrawn through various payment methods. However, the app fails to pay its users by notifying them that there are errors, but encourages its users to keep watching videos and ads to keep earning while the issues are resolved.
Dr. Web also found a bunch of apps masquerading as Russian banking or investment groups, or even directories or survey programs, but were actually loan scams. Cybercriminals claimed that users could learn how to invest so that they would be able to make profitable investments and trade natural gas. In reality, such fake apps loaded specially crafted sites that were designed to get users to participate in dodgy surveys, register accounts, and submit applications in order to collect their personal information.
Again, we cannot stress this enough—if you even think you might've installed any fraudulent app(s), please delete it from your device immediately. Moving forward, if an app you want to install looks suspicious or is too good to be true, you can try scouring through reviews or the developer's website for signs of paid comments, canned information, or other red flags. In just about all cases, though, it is best to err on the side of caution and follow your gut.
