Hackers are taking advantage of the Store to distribute malware
This brazen attack allows threat actors to actively distribute Trojan malware to Android devices as they download apps, which could lead to a large-scale infection campaign with unpredictable damage.
More specifically, according to the initial investigation by researchers from Doctor Web and Kaspersky, APKPure App version 3.17.18 is said to have been tampered with and had malicious code added to it. The hackers also try to trick users into downloading and installing malicious applications associated with the malicious code built into the APKPure application.
"This Trojan belongs to the dangerous Android.Triada family of malware, possessing the ability to download, install and uninstall software without the user's permission," said the Doctor Web team.
According to Kaspersky experts, version 3.17.18 was intentionally modified to integrate an ads SDK that acts as a Trojan dropper, designed to deliver other types of malware to the victim's device. "This component can do a number of tasks such as: displaying ads on the lock screen; opening browser tabs; collecting information about the device; and most annoying is downloading other malware," according to a Kaspersky researcher.
To remedy the situation, APKPure released a new version of the app (version 3.17.19) on April 9 that removes the malicious component. The developers behind the app distribution platform said in the release notes that they "Fixed a potential security issue, made APKPure return to a safe state".
There have been no reports so far of damage experienced by APKPure users in connection with this incident.
Infection of malicious code on app store platforms
APKPure is not the only third-party Android app store infected with malware. Earlier this week, Doctor Web researchers also found 10 apps compromised by the Joker (Bread) trojan on Huawei's AppGallery platform. It was also the first time that the malware was detected in the Chinese company's official app store.
Infected applications often come with hidden code that allows them to connect to a command and control server (C2 server) operated by the attacker and download additional payloads onto the infected device.
In addition, the researchers said there was also 'some other version of Android.Joker' released on Google Play. These were found in apps such as Shape Your Body Magical Pro, PIX Photo Motion Maker and a few others. All of these apps have been removed from the Play Store.