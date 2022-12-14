



Recently, several new Android malware, phishing, and adware applications entered the Google Play store and unknowingly tricked millions of users into installing them.

These applications were identified by Dr. Web Antivirus and Masquerade as useful tools and system optimizers. However, it only caused performance issues, unwanted ads, and users of over 2 million downloads to degrade his experience.

TubeBox available on Google Play

One application Dr. Web highlighted has been downloaded over a million times and is titled TubeBox. The app promises cash rewards to users for watching ads and videos, but does not pay out as promised.When users try to redeem the rewards earned for watching, some error her message will be

No payment will be made, even for users who have completed the last step and performed a withdrawal. It states that it’s just a trick to try and keep users on the app for as long as possible.

TubeBox isn’t the only malicious app of this kind documented in recent months. Many other adware apps appeared on the Google Play Store in his October but have now been successfully removed. These include Bluetooth & Wi-Fi & USB Driver (100,000 downloads), Fast Cleaner & Cooling Master (500 downloads), Bluetooth & Wi-Fi & USB Driver (100,000 downloads), Volume, Music Equalizer (50,000 downloads).

All of the above applications are designed to receive Firebase Cloud Messaging commands, load websites specified in those commands, and generate fraudulent ad impressions on infected computers.

The low-download Fast Cleaner & Cooling Master app also allows remote operators to configure infected computers to act as proxy servers. Proxy servers then allow threat operators to direct their own traffic through infected computers or other devices.

Investment scam app targeting Russian users

Dr. Web antivirus experts also found a series of applications featuring cunning loan scams. The malicious app claimed to have direct ties to Russia-based investment groups and banks. Each loan fraud app was downloaded approximately 10,000 times from the Google Play store.

These applications were promoted using malicious advertising campaigns with other apps. Each ad promised a guaranteed return on the user’s investment, but the app actually tricked victims into visiting a dedicated phishing site that collects personally identifiable information (PII). Designed to

Users looking to protect themselves against rogue applications available for purchase from the Google Play Store should always read reviews for negative experiences, scrutinize privacy policies, and when in doubt visit developer websites and download apps. reliability needs to be further evaluated.

As a general rule, it’s always best policy to keep the number of apps installed on your device to a minimum and to check regularly to make sure Google’s protection from Play is still active.

