While Android malware is a common threat, we typically warn you about a handful of apps, maybe a few dozen at most, infected with a particular variant. That’s why I made a triple attempt when I saw that a new malware was in play over 60,000 unique apps.
The team at Bitdefender, a popular antivirus app, discovered the threat thanks to a new app anomaly detection feature built into the software. The malware campaign appears to have started in October 2022 and is present in a variety of app categories including VPN software, game cracks, game cheats, security software, Netflix, and various utility apps (via Bleeping Computer).
Netflix? Yes, but the key is that these apps are not found in Google Play. The infected apps can all be found in third-party app stores. So if you stick with Google Play, you’re on the safe side. In this case, we often cover malware that has made it to Google Play. So don’t assume that this alone will always keep you safe.
What can this malware do?
The infected apps will be installed as usual. When you then open it, the error message “Application is not available in your region. Tap “OK” to uninstall.
You will be shocked to hear that the malware is lying. Instead of uninstalling the app, it simply puts it to sleep for two hours and plants the digital seed for the app to wake up whenever your phone is started or unlocked. To avoid detection, the adware is only triggered about two days after initial installation.
Once active, it connects to threat actors’ servers and starts serving ads either in your browser or in some cases full-screen takeover ads.
For now, this is relatively benign, as malware filters the money out of the ads you’re exposed to instead of the money going to the other companies that serve you online advertising, but things could get a lot worse in the blink of an eye.
According to Bitdefender, “the threat actors involved can easily change their tactics to redirect users to other types of malware, such as banking trojans to steal credentials and financial information, or ransomware.”
(Image credit: Bitdefender)How to protect yourself
The first step in this case would be to not install any apps from outside of Google Play. While that’s not a guarantee of security, it certainly helps and would prevent you from being exposed to this particular threat.
Otherwise, however, you should install a good antivirus app that can detect and remove such threats once identified. Having personally tested dozens, Bitdefender is my top pick and also one of the cheapest, but there are other options like Norton 360, Trend Micro, and McAfee. If you already use one of these services for your desktop antivirus solution, you can and should install it on your phone as well.
Today’s best Bitdefender Mobile Security offers
