There is a new malware affecting Android devices and researchers have expressed great concern about it.
The malware seen on the Google Play Store has already managed to gain over 2 million downloads so far and the rates continue to rise as we speak.
The news comes to us thanks to Bitdefender researchers who came to the conclusions after performing their real-time analysis. This is where they came across a series of malicious apps.
This malware is a new batch and there are at least 35 different members showing ads that are undesirable. They are easily downloadable from the Play Store and follow standard protocols.
In this way, they are able to entice users into downloading as they offer great incentives in return. Along the way, you’ll see them change their identities, including their name and image, within seconds of uploading. As a result, it is quite difficult to locate them and even more difficult to install.
After entering the system, they continuously provide users with invasive advertisements by leveraging WebView, generating revenue through operators, and are also capable of making fraudulent impressions. On top of that, they can even add more payloads on a compromised device. This is related to the fact that they use native frameworks for loading advertisements.
Bitdefender revealed in detail through its research how the adware app uses several techniques to disguise itself on Android. Moreover, you will even find them receiving updates so that they are easily invisible on users’ devices.
Just after installing them, you can see them transform into different icon and add different name tags by messing with settings. As a result, these maneuvers end up preventing detection and removal in apps.
Whenever you see a user click on a particular icon, the application ends up throwing the adware in the form of o size so that it is not detected easily. After that, it launches Settings so that users are tricked into assuming that they have got their hands on the correct app. But this is not the case.
There have been incidents where the app appears as an Oppo logo, as Samsung, or even as a Motorola. At the same time, you will find it with extreme encryption and heavy codes to stop reverse engineering.
This way, the Java payload that is in the DEX files cannot be discovered. But that’s not the only way these rogue apps end up hiding.
Another technique is to enter the list of “Recent Applications” so that when it is running in the background, no active process ends up revealing it. And it’s so disturbing that the number of apps is literally increasing with every passing day.
Some have also reached the 100,000 download mark. And if we had to choose the most popular, well, there is not just one but so many. Even as we write this particular article, there are still so many of them roaming the Google Play Store freely.
They include Animated Stickers Master, Walls Light, GPS Location Finder and even Wallpapers Pack. Since the report was first unveiled by Bleeping Computer, they have been asking Google to take action on it.
As for the rest of the list of apps, well, there are plenty of them on a series of third-party app stores. As you might expect, the number of downloads is certainly higher in the Google Play Store.
Researchers warn against such downloads. They claim that if users still have them on their devices, they should remove them immediately.
In this particular case, you might do yourself a favor by using a mobile AV tool to remove them since the apps disguise themselves as settings.
Read next: New research reveals how declining brand loyalty is
