Google is doubling down on security practices to fight increasing threats from sideloading apps. Since cybercrooks use bogus Play Store sites to deliver malware, Google assures its customers that its security functions, such as Google Play Protect and Safe Browsing, are protecting them from harmful attacks.
“Chrome users are protected against the identified malicious URLs by Google Safe Browsing. Based on our current detection, no apps containing this malware are found on Google Play,” Google said in a statement to Forbes.
“Android users are automatically protected against known versions of this malware by Google Play Protect, even when apps come from sources outside of Play,” Google further added.
Fake Apps Are Hijacking Devices and Stealing Data
Cybersecurity company CTM360 has discovered a massive fraud scam targeting more than 6,000 fake Google Play Store pages meant to trick users into downloading malware-infected apps. The scam sites are pretty much exact replicas of the authentic Google Play Store.
Perpetrators lure victims over social media advertisements and messages that direct them to install applications appearing as free apps or giving one-off discounts. Yet, such apps carry Trojan malware intended for theft of the users’ data such as their bank details, keyboard inputs, and clipboard use.
‘PlayPraetor’ Malware Exploits Android Users
This new malware campaign, ‘PlayPraetor,’ works similarly to its Roman counterpart, with control over compromised devices. The cybercriminals employ domain names that are almost identical to authentic websites, even mimicking government institutions and public service portals, to gain more credibility.
As soon as users click on the imposter Play Store download link, they unknowingly install the Trojan. The malicious applications work very similarly to authentic ones, employing the same icons and names to prevent suspicion.
The malware takes advantage of Android’s Accessibility Services, allowing hackers to control a device in its entirety. It enables attackers to take screen captures, record keystrokes to steal login information, and observe clipboard activity to obtain cryptocurrency addresses or passwords.
Google Advises Caution When Downloading Apps
Google still reminds its users of the risks involved with sideloading apps from foreign sources and stresses that the only safe sources for downloading apps are the official Store, as well as activating Google Play Protect to help secure devices.
Since cybercriminals have no intention of stopping, its users need to remain vigilant and protect themselves against malicious apps as well as phishing attacks targeting private information.
