HQ/EMEAFind out how we can help your business
A group of unidentified threat actors has created the new Clicker malware that infected about 20 million Android users worldwide. Based on reports, the malware has infiltrated the Google Play Store by hiding behind 16 different compromised apps.
According to researchers, the Clicker Android malware has managed to get inside the Google Play Store by portraying itself as an authentic utility tool that targets Android phone users. Some identified applications containing the Clicker malware are QR readers, Task Managers, Cameras, Converters, Flashlights, and Torches.
These Android applications may appear as well-developed Android utility tools and software, especially for unaware users. However, these apps hide multiple features that could compromise targets, such as ad frauds loaded with remote configuration and Firebase Cloud Messaging tactics.
Experts explained that once a user downloads and accesses these apps, an HTTP request is sent by the attackers to deploy remote configurations. Subsequently, these remote configurations could download the Clicker Android malware.
The Clicker malware is allegedly designed by its authors to disrupt the mobile advertising landscape.
The researchers claimed that the actors developed the new Clicker malware to compromise the mobile advertising feature for Android devices. The infection allows its operators to gain revenue by displaying fraudulent ads on a targeted device.
A recent study revealed that modern threat actors are exploiting social applications to steal users’ accounts and credentials aside from targeting utility tool applications. Hence, device owners should be cautious about downloading sketchy applications.
In a related incident, a fake version of WhatsApp chat messenger called YoWhatsApp was discovered by researchers circulating on many platforms. The fake version of the messenger platform allegedly offered additional features, such as blocking access to individual chats and customising the interface. Unfortunately, the actors only used the app to steal access keys from victimised users.
In addition, Meta has deleted over 400 malicious iOS and Android apps that recently targeted Facebook users. Reports revealed that its developers used the apps to steal login credentials.
Cybersecurity experts explained the importance of installing security software on mobile devices to prevent attacks from mobile threats. Therefore, users should consider preventive measures and avoid downloading applications from untrusted sources.
