The page may not load correctly.
September 16, 2020
In August, the number of threats detected on Android devices increased by 2.21% compared to July. Herewith, the number of malware increased by 6.26%, while the number of unwanted apps decreased by 0.49%, the number of riskware apps by 13.82% and adware by 10.1%.
Doctor Web specialists have found new threats on Google Play. Various modifications of the Android.FakeApp trojan family designed to load fraudulent websites were among them. These malicious apps spread under the guise of reference software. Moreover, new member of the Android.Joker mulifunctional trojan family, which subscribed victims to premium services and had a functionality to execute arbitrary code, has also been discovered.
Program modules incorporated into Android applications and designed to display obnoxious ads on Android devices. Depending on their family and modifications, they can display full screen ads and block other apps’ windows, show various notifications, create shortcuts and load websites.
In August, Doctor Web’s malware analysts have discovered several new malicious apps from the Android.FakeApp family. Dubbed Android.FakeApp.199, Android.FakeApp.200, Android.FakeApp.202 and Android.FakeApp.203, these trojans spread as a reference software and handbooks with the information about social payouts and tax refunds.
Upon their launch, the trojans load fraudulent websites of an inexistent organization “Unified Compensation Center for the VAT refund” where potential victims are asked to provide their personal information, allegedly to check the availability of the VAT refund or a social payout. After the information is provided, the website imitates the database search and falsely reports about successful validation and availability of the payout.
Next, the chat bot built into the fraudulent website imitates the conversation with the specialist. It offers the victim to fill the form with the additional personal information, as well as to pay the “fee” for the paperwork and money transfer.
As a result, deceived users not only give the scammers their personal and confidential information, but also transfer them the money and receive nothing in return.
Another threat found on Google Play was a member of the dangerous Android.Joker trojan family, dubbed Android.Joker.304. It was spread under the guise of the translation application. Similar to other trojans of this family, Android.Joker.304 could subscribe users to premium services, as well as to load and execute arbitrary code.
To protect your Android device from malware and unwanted programs, we recommend installing Dr.Web for Android.