The page may not load correctly.
May 13, 2021
In April, Doctor Web reported on the discovery of the Android.Triada.4912 trojan embedded in one of the versions of the client application of the popular third-party Android app catalog APKPure. With that, new trojans from the Android.FakeApp family were found on the official Android app catalog Google Play. They were spread as useful software and loaded various fraudulent websites. Doctor Web’s specialists have also uncovered Android.Joker trojans on Huawei’s AppGallery catalog. These malicious applications subscribed victims to premium mobile services.
At the beginning of April, Doctor Web reported on the discovery of malicious functionality found by our malware analysts in the popular third-party Android software catalog APKPure. Unidentified attackers embedded an Android.Triada.4912 trojan into it, with version 3.17.18 being particularly affected. The Android.Triada.4912 launched an additional module hidden in its resources. This module performed the main malicious tasks, downloading other trojan components and various applications, as well as loading different websites.
Program modules incorporated into Android applications and designed to display obnoxious ads on Android devices. Depending on their family and modifications, they can display full screen ads and block other apps’ windows, show various notifications, create shortcuts and load websites.
In April, new trojans from the Android.FakeApp malware family were discovered. They were spread under the guise of reference software with information about payments and compensations from the government, as well as apps that allegedly could be used to receive discounts for buying goods in famous retail stores and to win gifts from popular bloggers. In reality, these fake apps were only misleading victims. They didn’t work as described and only displayed fraudulent websites that allowed attackers to steal Android users’ personal information and money. These trojans were added to the Dr.Web virus database as Android.FakeApp.255, Android.FakeApp.254, Android.FakeApp.256, Android.FakeApp.259, Android.FakeApp.260, and Android.FakeApp.261.
Examples of the bogus apps’ appearance is shown below:
Last month, Doctor Web’s malware analysts discovered the first malicious apps in the Huawei’s AppGallery catalog. They belong to the Android.Joker trojan family and are capable of executing arbitrary code and subscribing users to premium mobile services. These trojans were spread as various seemingly harmless apps, such as virtual keyboards, online messenger, a camera app and some others. In total, over 538.000 users have downloaded them.
To protect your Android device from malware and unwanted programs, we recommend installing Dr.Web for Android.
© Doctor Web
2003 — 2022
Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies
Doctor Web in social networksLink accounts