1. Home
  2. General
  3. Hackers are using these Android apps in the Play Store to launch their attacks.
Hackers are using these Android apps in the Play Store to launch their attacks.

Hackers are using these Android apps in the Play Store to launch their attacks.

EventhebestAndroidphonesneedtobecarefulwhendownloadingnewappstotheirdevices.Asanexample,28appsthatwereusedtoproxysmartphonesinstalledbyhackerswererecentlydiscoveredintheGooglePlaystore.

AsreportedbyBleepingComputer,HUMAN'sSatorithreatintelligenceteamdiscoveredthattheseseeminglyharmlessappswereactuallydoingdubiousthingsinthebackground.Ofthe28appslistedinthereport,17wereposingasfreeVPNsoftware.

ThebestfreeVPNappsandservicescanhelpprotectyouronlineprivacy,butyoushouldalwaysbecarefulwheninstallingthemonyourdevice,andasItestVPNsinmyreviewsforTom'sGuide,IstronglyrecommendinvestinginthebestVPNserviceinstead.IrecommendthatyouinvestinthebestVPNservice.Thesepaidsolutionsaremorereputable,andmanyofthemhavebeenauditedbythirdpartiestoensurethattheirappsandservicesdonotcontainvulnerabilitiesormaliciouscode.

HavingyourphoneproxiedisnotasbadasbeinginfectedwithAndroidmalware,butitisstillacauseforconcern.Residentialproxieshavelegitimateuses,suchasmarketresearchandsearchengineoptimization,butwhenabusedasinthiscase,theycanbeusedforallkindsofmaliciousactivity,fromadfraudtophishingandevencredentialstuffing.

Hereiseverythingyouneedtoknowaboutmaliciousapps,alongwithtipsonhowtokeepyourselfsafefromthem.

SomeofthefollowingappsdonotcontainthemaliciouscodethatwasusedtoproxyAndroidsmartphones.However,forthosewhoareconcernedthathackersmaybeusingtheirdevicesforcybercrime,itisrecommendedthattheymanuallyremovetheseappsiftheyareinstalledontheirsmartphones.

Whatthese28appshaveincommonisthattheyusedLumiApps'softwaredevelopmentkit(SDK).ThecompanyalsooperatesanAndroidappmonetizationplatformthatusesthedevice'sIPaddresstoloadwebpagesinthebackgroundandsendtheretrieveddatatocompanies.

AccordingtotheLumiAppswebsite,thisisusuallyfromwell-knownsites,"doneinawaythatneverinterruptstheuserandisfullyGDPR/CCPAcompliant."Theyallhavetheultimategoalofhelpingcompanies"improvetheirdatabasesandprovidebetterproducts,services,andprices."

Onpaper,thisseemsabitintrusivebutharmless,butwhenyoudownloadafreeappinsteadofapaidapp,yougetwhatyoupayfor.whatLumiaAppsdidnotenvisionisthathackerswouldfindawaytousetheappmonetizationplatformfortheirownbenefitwouldfindawaytousetheappmonetizationplatformfortheirownbenefit.

Afterexaminingthese28apps,HUMANsecurityresearchersdiscoveredthattheyallcontainedaGolanglibraryusedtorunaproxycalled"Proxylib."ThefirstappthecompanydiscoveredthatcontainedProxylibwasafreeAndroidVPNappcalledOkoVPN.SecurityresearcherslaterdiscoveredthatthissamelibrarywasusedbyLumiApps'Androidappmonetizationservice.

Basedonthefindings,HUMANbelievesthatthesemaliciousappsareassociatedwithaRussianhomeproxyserviceprovidercalledAsocks.itisworthnotingthatAsocks'servicesareoftenpromotedinonlinehackingforums.ItisworthnotingthatAsocks'servicesareoftenpromotedinonlinehackingforums.

Earlierthisyear,LumiAppsreleasedanewversionofitsSDK,includingProxylibv2.Apparentlythiswasdonetoaddress"integrationissues,"butitisunclearastowhetheritcanbeexploitedbyhackers.

GooglethenremovedallremainingappsandallnewappsusingtheLumiAppsSDKfromthePlayStore.Similarly,someofthedeveloperswhohadusedtheSDKalsoremovedittofixtheirapps,butsomehavere-releasedthesameappsusingdifferentdeveloperaccounts.

ThefirstthingyouwanttodotoprotectyourselfandyourdevicefrommaliciousappsistoavoidinstallingunwantedappsonyourAndroidsmartphone.Askyourselfifyoureallyneedthatapp,andchecktheratingsandreviewsofthatappbeforeinstallingit.Keepinmind,however,thatreviewsandratingscanbefaked.Forthatreason,Ialwaysrecommendlookingatvideoreviews.

Onthesecurityfront,makesureyouhaveGooglePlayProtectenabled.Butforaddedprotection,youshouldconsiderinstallingoneofthebestAndroidantivirusapps.

AsforfreeVPNappsandfreeVPNsingeneral,Ireallydon'trecommendthem.MostVPNservicesarefairlyinexpensiveforwhattheyoffer,andifyoushopwisely,youcanoftengetgreatdealsontopproviderslikeExpressVPN,NordVPN,Surfshark,etc.Forexample,Iboughta2-yearsubscriptiontoSurfsharkonBlackFridayayearandahalfagoatasteepdiscount,anditisstillgoingstrong.

Hackersandothercybercriminalswillcontinuetoreleasemaliciousappsandtrytoturngoodappsevilbyinjectingmaliciouscode.Thisisbecausesmartphonesthesedayscontainfartoomuchpersonalandfinancialdata.Therefore,itisimportanttothinktwiceanddoproperresearchbeforeinstallinganynewapponyoursmartphone,nomatterhowpopularitmaybe.

.
Source: https://www.tomsguide.com/computing/malware-adware/hackers-are-using-these-android-apps-on-the-play-store-to-stage-attacks-delete-them-all-right-now

Categories


Comments

There is no comments

About Us

Do you like technology and are you geek? Then, this is your magazine!

Navigation

Copyright © 2024 TechingToday - F41