A new security alert has been issued by researchers who speak about a massive adware campaign that has gone unnoticed for so long.
Shocking reports from tech and security experts were quick to speak about how more than 60,000 applications of Android worked under disguise as real apps and ended up installing adware. This was done on so many users’ phones and the fact that it went on for so long without anyone noticing is beyond shocking.
The news comes to us thanks to a new report by a cybersecurity firm located in Romania called Bitdefender which detects such malware through an innovative detection endeavor that has been included in its Bitdefender System for smartphones and its relevant software for the past 30 days.
To be more specific, the system ended up discovering around 60,000 unique applications that carried this form of adware and they claim there might be much more than this figure.
This new campaign is believed to have begun toward the end of 2022 and is now being sold out in the form of Netflix, VPNs, game cracks, and some apps for utility services across sites own by certain third parties.
This particular malware endeavor was the main target mainly targets those across the US and is closely followed up by nations including Germany, France, South Korea, and Brazil.
Such malicious apps aren’t hosted across platforms such as Google Play but they can be found on webpages owned by third parties. And these are designed to drive APKs.
Therefore, when a user visits such a webpage, they’re either resent to a webpage that showcases ads or they’re prompted to install apps that others search for. Moreover, such download websites are designed purposefully to distribute all malicious apps of Android so that when it’s installed, they can infect all other devices, in the same manner, using adware.
Once it gets downloaded, it won’t undergo configuration itself. This means you will not see it running in an automatic manner as it needs more privileges. So what you need to rely upon is classic Android functioning apps for a proper download flow and that prompts people to click on the Open button after installation.
In addition to that, such platforms don’t make use of icons and also use app labels with the characteristic UTF-8. Now the issue is that if users don’t begin apps after installation, they will not get launched.
When and if it does get launched, it would send out error alerts claiming the app isn’t available in the region so you press OK to get rid of the downloads.
There is a lot of precision that ensures the whole activity goes unnoticed for a few days so as to evade getting detected. So many such apps are solely used for reasons like putting out ads and some researchers mentioned how threat actors can quickly exchange adware URLs to get webpages that are far more malicious in nature.
Read next: Android Users Need to Act Fast to Safeguard Their Devices From Malicious SpinOk Malware
Shocking reports from tech and security experts were quick to speak about how more than 60,000 applications of Android worked under disguise as real apps and ended up installing adware. This was done on so many users’ phones and the fact that it went on for so long without anyone noticing is beyond shocking.
The news comes to us thanks to a new report by a cybersecurity firm located in Romania called Bitdefender which detects such malware through an innovative detection endeavor that has been included in its Bitdefender System for smartphones and its relevant software for the past 30 days.
To be more specific, the system ended up discovering around 60,000 unique applications that carried this form of adware and they claim there might be much more than this figure.
This new campaign is believed to have begun toward the end of 2022 and is now being sold out in the form of Netflix, VPNs, game cracks, and some apps for utility services across sites own by certain third parties.
This particular malware endeavor was the main target mainly targets those across the US and is closely followed up by nations including Germany, France, South Korea, and Brazil.
Such malicious apps aren’t hosted across platforms such as Google Play but they can be found on webpages owned by third parties. And these are designed to drive APKs.
Therefore, when a user visits such a webpage, they’re either resent to a webpage that showcases ads or they’re prompted to install apps that others search for. Moreover, such download websites are designed purposefully to distribute all malicious apps of Android so that when it’s installed, they can infect all other devices, in the same manner, using adware.
Once it gets downloaded, it won’t undergo configuration itself. This means you will not see it running in an automatic manner as it needs more privileges. So what you need to rely upon is classic Android functioning apps for a proper download flow and that prompts people to click on the Open button after installation.
In addition to that, such platforms don’t make use of icons and also use app labels with the characteristic UTF-8. Now the issue is that if users don’t begin apps after installation, they will not get launched.
When and if it does get launched, it would send out error alerts claiming the app isn’t available in the region so you press OK to get rid of the downloads.
There is a lot of precision that ensures the whole activity goes unnoticed for a few days so as to evade getting detected. So many such apps are solely used for reasons like putting out ads and some researchers mentioned how threat actors can quickly exchange adware URLs to get webpages that are far more malicious in nature.
Read next: Android Users Need to Act Fast to Safeguard Their Devices From Malicious SpinOk Malware
