Adware apps spread by posing as cracked versions of real apps

June 15, 2023

Researchers discovered more than 60,000 adware apps that target Android-based devices. The malicious apps pose as cracked or modded versions of well-known Android applications. The developers aim to spread unwanted ads to users as part of an ongoing campaign that started in October last year.

The researchers explained that the campaign operators have aggressively pushed adware to Android devices to earn revenue. However, the scary part of the campaign is that the actors could immediately transition to other malicious tactics, such as redirecting users to different malware operations.

Hence, the operators could quickly switch to deploying banking trojans to harvest credentials and financial data, or to executing a ransomware attack.

A recent tally spotted over 60,000 adware apps that could infect numerous Android users worldwide.

According to investigations, the threat actors have already published and disseminated thousands of adware apps. The confirmed targets of these malicious applications are Android users from South Korea, Kazakhstan, Romania, Germany, France, the United Kingdom, Brazil, and the United States.

Further analysis revealed that the threat actors had not published even one of the 60,000 applications on the official Google Play Store. Instead, the campaign redirects users who search a search engine for applications such as PDF viewers, Netflix, security software solutions and cracked versions of YouTube to an ad page that hosts the malware.

The adware apps have no names or icons once installed on a device. Furthermore, users who launch the apps for the first time will receive a message that states, ‘App is not available in your region. Tap OK to uninstall.’ However, the message is a misdirection: the app executes its malicious activity in the background.

The apps also delay their adware behaviour: it stays inactive for a couple of days and then triggers when the victim unlocks the infected device.

These findings appeared after the emergence of the compromised SpinOk SDK last month, in which nearly 200 apps on the Google Play Store infected millions of users. Users should refrain from downloading apps from unofficial stores and unknown sources to avoid these threats circulating in the wild.
