Discovering many applications containing malware on Google Play Store, Android users should worry gradually

The new Google Play Store has discovered a lot of malware-infected applications never seen before. Four security companies have been announcing about the malware campaign hidden in the Android app on the Google Play store.

Yesterday, Dr.Web, Malwarebytes and McAfee said, there are three new Android malware groups hidden in games and applications uploaded to Play Store.

ESET spokesman said the company also found a new multi-stage malware stream.

1. UC Browser has been removed from Google Play Store because of its unhealthy use of "tricks"

Malware Grabos pushes notification of application installation fraud

Based on the details of the report, the most complex and widespread threat of Grabos malware was found by McAfee researchers.

The McAfee team said they identified 144 applications in Play Store containing the new malware, most of which are hidden in music players and MP3 download applications.

According to statistics from 34 out of 144 applications, McAfee said malicious applications had between 4.2 million and 17.4 million downloads.

The main purpose of Grabos is to display fake notifications on infected devices, to trick users into downloading and installing other applications.

Discovering many applications containing malware on Google Play Store, Android users should worry gradually Picture 1

AsiaHitGroup targets Asian users only

The second Android malware was discovered by security researchers Malwarebytes and named AsiaHitGroup because it uses an IP address blacklist to target users in Asian countries.

Initially, AsiaHitGroup was found in the QR code scanning application called Qr code generator - Qr scanner is also available on the Google Play store.

On infectious devices, AsiaHitGroup malware can download phase 2 threats - a trojan virus whose primary function is to subscribe to premium phone numbers via SMS.

Malwarebytes also said it found the malware in applications other than QR code scanning software, such as alarm apps, compass, photo editing, Internet speed testing, etc., but the company did not save Reveal the application name and not indicate which Google has removed the malicious application at the present time.

Android cable software downloads web pages in hidden browsers

The third malware campaign involving Google Play Store was also recorded by Dr.Web. This campaign focuses on an adware stream identified as Android.RemoteCode.106.origin.

Researchers have found this trojan in 9 apps on Play Store, which has downloaded from 2.37 million to 11.7 million.

After users install any malicious applications, they will open a web page in the hidden WebView (hidden browser). This process will increase fake web traffic and help some web operators win from displaying ads.

Dr.Web said that the company has informed Google about applications containing malware and some have updated the code to remove threats from the virus.

Hopefully the malware containing the software will be fixed by Google as soon as possible.