Beware of malware disguised as legitimate apps

Beware of malware disguised as legitimate apps

Android users have found themselves duped into downloading fake apps masquerading as legitimate ones

by John Curtis

It’s becoming frighteningly easier to be a victim of malware, particularly if you are an Android user. Androids are nearly 50 times more likely to be infected with malware than iOS devices, because Androids are designed with an open-faced operating system, allowing anyone to jump in and modify an app should any errors be detected.

As a result, the chances of downloading malware from the Google Play store is an unfortunately likely prospect. Despite the Google Play Store’s ever-increasing efforts to detect malware and fraudulent apps, hackers continue to find creative ways of avoiding detection, in what has come to be known as “Trojan” malware, seemingly harmless, even helpful software which is intentionally designed to steal your information and infect your devices.

krapalm

Selling malware to reach as wide an audience as possible

ThreatFabric recently reported that hackers were recently uncovered selling the coding for ERMAC, a trojan specifically aimed at stealing banking information, in multiple forms all over the dark web, specifically targeting Android and Windows users. Thanks to clever coding, the malware finds its way to the Google Play store under the guise of a pre-existing, legitimate app, but is instead a one-step process for downloading malware capable of:

  • Stealing emails
  • Confiscate two-factor authentication codes
  • Obtain information from cryptocurrency wallets
  • Track all keystrokes on your devices

What sort of apps were compromised?

ThreatFabric reported that the apps which were deviously laced with malware, under the guise of another app, included:

  • WiFI AutoAuthenticator- easing logins when changing network connectivity
  • Football live stream- live-streamed soccer programming
  • OGINsta- posing as the original “Instagram”
  • VidMate- A video downloading platform

Victoria_Watercolor/pixabay

Is there a way to avoid downloading malware?

As mentioned above, the programming of Android devices means that it is still possible to download malware directly from the Google Play store. That being said, this particular attack was successful because these apps were advertised on various social media platforms, which led to links encouraging users to download the apps from a third party.

If the chances of being free from malware in the google play store are not a 100% guarantee, it is infinitely less likely than if you downloaded it from social media or a third party. So, no matter how helpful or fun any apps you see advertised on social media may appear, resist the urge to click on those links, and only download them directly from the Google Play store.

 

Take advantage of Google’s built-in malware defense.

While the Google Play store does have a screening process for all apps, Android phones also all come with a built-in malware detection service, Google Play Protect, which will help defend your phone from Malware even more.

To install Google Play protect:

  • Open the Google Play Store
  • Click on the profile
  • Click on Play Protect
  • Click on settings
  • Activate Scan apps with Play Protect

However, while Google Play Protect will do some fairly rudimentary scanning, it does not provide the same service as dedicated anti-virus software will get you.

A few other simple steps to protecting your Android or Windows devices from malware include the following:

Always make sure you update your device’s software regularly

To update the software on your iPhone:

  • Go to settings
  • Tap general
  • Tap Software update
  • Tap download and install

To update software on your Android:

  • Tap settings
  • Tap system
  • Tap System Update

Other ways to stay ahead of the game when it comes to Malware

  • Always check reviews on the Google Play Store, and spot if there. was any detection of Malware from previous users
  • Avoid downloading Apps with a similar logo and purpose as other popular apps.
  • If you download an app asking for access to your text messages and notifications, delete it.
  • The best way to protect yourself is to install antivirus software on all of our devices. Our top choice for Antivirus software is TotalAV.  It’s super easy to install and you’ll have peace of mind knowing you’ll have real-time protection, phishing scam protection, ransomware protection plus more. Protects Windows, Mac, Android & iOS Devices. Limited-time deal for CyberGuy readers: $19 your first year (80% off).  Read our review here for Best Antivirus Protection in 2022.

 

See Also:


   

Leave a Comment

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder