A new set of malware and phishing Android apps has been discovered by Dr. Web. According to experts, these applications pretend to be useful utilities and system optimizers, but in fact they cause device crashes, annoying ads and poor user experience.
One of the applications that the researchers talked about was TubeBox, which is still available on Google Play.
The app promises users cash rewards for watching videos and ads in the app. However, users will never be able to receive their reward - TubeBox gives various errors when trying to receive a reward for viewing ads.
The researchers believe that in this way the app developers are trying to keep the victim in order to show her as many ads as possible.
According to Dr.Web researchers, before October of this year, there were several other applications on Google Play using a similar strategy:
- Bluetooth device auto connect (bt autoconnect group) - 1,000,000 downloads;
- Bluetooth & Wi-Fi & USB driver (simple things for everyone) - 100,000 downloads;
- Volume, Music Equalizer (bt autoconnect group) - 50,000 downloads.
All of the above applications were used to earn money from ad impressions on infected devices. But in the case of Fast Cleaner & Cooling Master, the attackers decided to go even further, turning the victim's smartphone into a proxy server through which the operators sent their traffic.
The researchers also found several fraudulent applications targeting users from Russia. Each of them had an average of 10,000 downloads on Google Play. These apps were promoted through advertisements that promised victims a guaranteed return on their investment. But in reality, it was not at all like that - applications took users to phishing websites, where attackers simply stole users' personal data.