Of the millions of applications on the Google Play Store, there are hundreds of dangerous applications that can steal various personal data, credit, to banking data.
One of the malware that can steal the data is Facestealer, which is a spyware that infiltrates more than 200 Android applications. Facestealer is a spyware that was first reported by Doctor Web in July 2021. The application that spreads this spyware is designed to steal sensitive data, such as Facebook passwords.
Of the 200 apps that Trend Micro found, 42 were VPN service provider apps. Meanwhile, 20 others are camera applications, 13 are photo editing applications, and another 125 are in the miscellaneous category.
In addition to stealing login credentials, these hundreds of apps are also designed to collect Facebook cookies and personally identifiable information associated with victims' accounts.
Not only applications that were compromised by spyware, Trend Micro also found more than 40 malicious crypto miner applications. These apps trick users into buying paid services or clicking on ads with the lure of fake crypto tokens.
Some of the malicious crypto-mining apps found, such as Cryptomining Farm Your own Coin, can even steal mnemonic phrases normally used to recover crypto wallets when they are lost.
Trend Micro did not reveal the names of the hundreds of malicious apps they found. But there are some applications that they highlight which are:
Daily Fitness OL
Enjoy Photo Editor
Panoramic Camera
Photo Gaming Puzzle
Swarm Photo
Business Meta Manager
Cryptomining Farm Your own Coin
Then there is the SharkBot trojan, which can steal personal data as well as banking data. The NCC Group was the first security observer to reveal that an application that was supposed to be an antivirus turned out to be a SharkBot trojan spreader. The list is as follows:
Antivirus, Super Cleaner
Atom Clean-Booster, Antivirus,
Alpha Antivirus, Cleaner
Powerful Cleaner, Antivirus
Two other applications with the same name namely Center Security - Antivirus.
After detailed reporting to Google, finally all these apps were removed from the Play Store on March 3rd-March 27th. However, if you have already installed this application and this application is still on your cellphone, it is recommended to immediately delete the application to avoid unwanted things.
Finally there is the Joker malware which has been popular for a long time. Even though it has been eradicated many times, this malware can still continue to infiltrate applications on the Play Store.
Joker malware can drain the victim's credit or account by registering the victim to a premium SMS service. Not only that, this malware can also be ordered to steal user data such as SMS, contact lists, and device information.
The apps that carry the Joker malware are usually messaging, health, and PDF scanner apps. Once installed, the app will ask for permission to access SMS and notifications, and then use it to register the victim for a premium service.
Kaspersky managed to detect three applications that were infiltrated by the Joker malware until February 2022. Although they have been removed by Google, these three applications are still available through third-party app stores. Here is the list:
Style Message (com.stylelacat.messagearound)
Blood Pressure App (blood.maodig.raise.bloodrate.monitorapp.plus.tracker.tool.health)
Camera PDF Scanner (com.jiao.hdcam.docscanner)
