<p>With more than three billion active Android phones, Google has a massive 70 per cent market share of the global mobile industry. However, it also has the huge responsibility of protecting the ecosystem from cybercriminals who prey on naive users.</p>.<p>Over the years, search engine giant has scaled up the screening process and even formed collaboration--<a href="https://www.deccanherald.com/specials/google-forms-app-defense-alliance-wages-war-on-malware-774405.html" target="_blank">App Defense Alliance</a>- with top cyber firms--ESET, Lookout, and Zimperium. </p>.<p>But, still, the efforts seem not enough as hackers are able to evolve and develop advanced techniques to hide malware in apps and bypass security screening.</p>.<p>In the latest instance, several benign-looking document scanners, cryptocurrency apps, QR code scanners, and other utility apps have been found to hide trojans in them and apparently made their way to more than 300,000 devices through Google Play Store.</p>.<p>Since July, Threat Fabric cyber security team has detected several families of malware--Alien, Anatsa, Hydra, and Ermac-- in hundreds of apps.</p>.<p>It has come to light that the threat actors don't usually attack all those installed with their apps, but instead activate malware in devices in particular countries of their interest only. </p>.<p>In the rest of the regions, they all work as advertised. This way, they try to avoid suspicion and also receive good reviews on the Play Store. The latter will help attract more users to install them on their devices.</p>.<p>"In the span of only 4 months, 4 large Android families were spread via Google Play, resulting in 300.000+ infections via multiple dropper apps.A noticeable trend in the new dropper campaigns is that actors are focusing on loaders with a reduced malicious footprint in Google Play, considerably increasing the difficulties in detecting them with automation and machine learning techniques," Threat Fabric ream <a href="https://www.threatfabric.com/blogs/deceive-the-heavens-to-cross-the-sea.html" target="_blank">said</a>.</p>.<p>If undetected, the malware is known to steal financial details by gaining critical permission to note keystrokes, take screenshots, and even get access to Accessibility Services.</p>.<p>Some of the detected apps include CryptoTracker, Gym, and Fitness Trainer, PDF Document Scanner Free, Master Scanner Live, PDF Document Scanner, QR Scanner, QR Scanner 2021, Protection Guard, QR CreatorScanner, and Two Factor Authenticator.</p>.<p>Android phone users are advised to uninstall the aforementioned apps and also be wary while installing the apps developed by unknown publishers.</p>.<p><em>Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on <a href="https://www.deccanherald.com/tag/dh-tech?_ga=2.210580691.73733284.1595225125-1706599323.1592232366" target="_blank">DH Tech</a>.</em></p>
<p>With more than three billion active Android phones, Google has a massive 70 per cent market share of the global mobile industry. However, it also has the huge responsibility of protecting the ecosystem from cybercriminals who prey on naive users.</p>.<p>Over the years, search engine giant has scaled up the screening process and even formed collaboration--<a href="https://www.deccanherald.com/specials/google-forms-app-defense-alliance-wages-war-on-malware-774405.html" target="_blank">App Defense Alliance</a>- with top cyber firms--ESET, Lookout, and Zimperium. </p>.<p>But, still, the efforts seem not enough as hackers are able to evolve and develop advanced techniques to hide malware in apps and bypass security screening.</p>.<p>In the latest instance, several benign-looking document scanners, cryptocurrency apps, QR code scanners, and other utility apps have been found to hide trojans in them and apparently made their way to more than 300,000 devices through Google Play Store.</p>.<p>Since July, Threat Fabric cyber security team has detected several families of malware--Alien, Anatsa, Hydra, and Ermac-- in hundreds of apps.</p>.<p>It has come to light that the threat actors don't usually attack all those installed with their apps, but instead activate malware in devices in particular countries of their interest only. </p>.<p>In the rest of the regions, they all work as advertised. This way, they try to avoid suspicion and also receive good reviews on the Play Store. The latter will help attract more users to install them on their devices.</p>.<p>"In the span of only 4 months, 4 large Android families were spread via Google Play, resulting in 300.000+ infections via multiple dropper apps.A noticeable trend in the new dropper campaigns is that actors are focusing on loaders with a reduced malicious footprint in Google Play, considerably increasing the difficulties in detecting them with automation and machine learning techniques," Threat Fabric ream <a href="https://www.threatfabric.com/blogs/deceive-the-heavens-to-cross-the-sea.html" target="_blank">said</a>.</p>.<p>If undetected, the malware is known to steal financial details by gaining critical permission to note keystrokes, take screenshots, and even get access to Accessibility Services.</p>.<p>Some of the detected apps include CryptoTracker, Gym, and Fitness Trainer, PDF Document Scanner Free, Master Scanner Live, PDF Document Scanner, QR Scanner, QR Scanner 2021, Protection Guard, QR CreatorScanner, and Two Factor Authenticator.</p>.<p>Android phone users are advised to uninstall the aforementioned apps and also be wary while installing the apps developed by unknown publishers.</p>.<p><em>Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on <a href="https://www.deccanherald.com/tag/dh-tech?_ga=2.210580691.73733284.1595225125-1706599323.1592232366" target="_blank">DH Tech</a>.</em></p>