CEM REPORT | Mobile application have become part of us, such that app creators have built an app for everything and any need. The growing number of apps in various app stores today makes one wonder what hasn’t been created yet.
With the growing of apps, also comes the down side of cyber security, while some apps are built to improve cyber security, some are intentional created to collapse it.
With our mobile phones becoming our “daily life support” cyber criminals have seized it as an opening to perpetrate their illicit ways undetected. Theft, especially financial theft and other “silent” crimes have remained undetected and growing, capitalizing on the ignorance of users.
Recently, a group of cybersecurity researchers at Dr. Web Antivirus have identified some information-stealing malware apps on the Google Play Store. (official app store for android).
The report presented by these research analysts, states that adware apps and data-stealing Trojans were among the most prominent Android threats in May 2022.
The report noted that these spyware apps are written to steal information from other apps’ notifications, primarily to snatch one-time 2FA passcodes (OTP) and take over accounts.
The discovery exposed a list of highly downloaded apps that have paraded themselves as productivity user friendly apps whilst stealing sensitive data from the user. A method these app employ is requesting users to log in through their Facebook, thus hijacking passwords and other authorization details and send to cybercriminals.
These app include :
Wild & Exotic Animal Wallpaper:
The researchers, explain that this app hides itself from the user, by quietly replacing the app’s icon with a less noticeable one, while also changing its name to ‘SIM Tool Kit”. Also, its request permission to be added to the battery-saving feature exceptions list, allowing the trojan to display ads even when the device owner did not use this app for a long time. This app already has over 500,000 downloads on Google Play Store.
This was spread under the guise of a “Magnifier Flashlight” flashlight application. It hid its icon from the apps list on the home screen menu and periodically displayed advertisement videos and banners. The app has had 10,000 downloads.
Others uncovered are trojans designed to steal data which can be used to hack into Facebook accounts. According to the researchers, they were spread through image-editing apps like;
PIP Camera 2022
Camera Photo Editor
Light Exposure Photo Editor
While cyber criminals source new means to obtain sensitive information to perpetrate crime, we advise you limit the number of apps on your device or freeze apps you do not use regularly. Also another trick will be to use a trusted antivirus scanner to detect these apps.
Although, Google play store now scans apps for malware ensure you uninstall apps at its warning.