The page may not load correctly.
July 3, 2018
In June 2018 Doctor Web virus analysts detected more than 30 apps containing an unwanted advertisement module Adware.Appalytic.1.origin on Google Play. It showed notifications offering to download different software and opened pages of advertised programs. In addition, Doctor Web specialists found several new representatives of the Trojan family Android.FakeApp that loaded different websites on cybercriminals’ command. Last month cybercriminals also distributed the Trojan Android.Spy.461.origin guised under an erotic game that spied on Android smartphone and tablet owners. Additionally, the Trojan Android.SmsSend.1989.origin posed a threat to Android mobile device users in June. It sent paid SMS messages to premium numbers.
In early June Doctor Web specialists detected 37 new applications on Google Play containing an unwanted advertisement module Adware.Appalytic.1.origin. It insisted on downloading and installing different applications and games. In addition, Adware.Appalytic.1.origin could independently open advertised pages on Google Play.
The following example shows an advertised Google Play application:
Examples of notifications that the module shows:
Features of Adware.Appalytic.1.origin:
In late June Doctor Web specialists detected several new representatives of the Trojan family Android.FakeApp. As before, these malicious programs were distributed under the guise of useful applications, in particular, as media players for listening to music from the VK social network. The Trojans added to the Dr.Web virus database as Android.FakeApp.89, Android.FakeApp.90, Android.FakeApp.91, and Android.FakeApp.92 would follow the links they specified and load websites, including fraudulent Internet resources on the cybercriminals’ command.
The following screenshots show the download pages of the Android.FakeApp Trojans detected on Google Play:
In June a Trojan spyware guised as an erotic game posed a threat to Android smartphone and tablet users. This malware was dubbed Android.Spy.461.origin. The Trojan stole SMS messages and contacts from the phonebook, recorded the surrounding environment using the mobile device’s microphone, received a list of files stored on the smartphone or tablet, and loaded them on the cybercriminals’ server. In addition, Android.Spy.461.origin stole data from the clipboard.
Last month cybercriminals distributed an SMS Trojan Android.SmsSend.1989.origin. It sent messages to paid numbers and subscribed users to expensive services. The malware was hidden in the app that cybercriminals passed off as the popular game Fortnite, while its official version for Android is still unavailable for users.
Cybercriminals still attack Android mobile devices and distribute malicious and unwanted applications using not only different websites, but also an official Google Play store. Doctor Web recommends users install Dr.Web for Android to protect their mobile devices.