Malware was downloaded over 600 million times in 2023 from the Google Play Store

Malware was downloaded over 600 million times in 2023 from the Google Play Store،

Cybersecurity company Kaspersky found that thanks to new, sneakier techniques used by bad actors to obtain malicious apps through Google security scans, Android users downloaded malicious apps more than 600 million times in 2023. It’s a staggering figure and it’s helped by the large number of malicious apps. apps in the Play Store (more than 3 million unique apps, according to Kaspersky), making it impossible for even a well-resourced company like Google to thoroughly check each one.

Some malware starts life as a legitimate application until an update adds malicious functionality

The first case study listed by Kaspersky in its blog post is interesting because it shows how these apps are installed on Android phones. The iRecorder app was first added to the Play Store in September 2021 and 11 months later an update added the AhMyth Trojan code which caused the app to record every 15 minutes from the microphone on all phones that had the app installed. The recordings were sent to the application creator’s server.

Minigames like these contained malware and were installed 451 million times from the Google Play Store this year

By the time the iRecorder app was deemed malware in May 2023, it had been downloaded 50,000 times. But iRecorder’s story illustrates how these apps slip through Google’s checkpoints; they start life as a standard application that only does what the developer says. But after some time, an update is sent which includes malware, and instantly that harmless app you installed on your android phone has become dangerous.

Another strategy used by cybercriminals is to open multiple developer accounts with Google. This way, if Google removes a malware-laden app, another similar one can be uploaded to the Play Store. As an example, Kaspersky describes three applications: Beauty Minceur Photo Editor, Photo Effect Editor and GIF Camera Editor Pro. This trio recorded 620,000 installs while introducing the Fleckpe subscription Trojan.

35 million installs of adware-containing Minecraft clones

Once these apps were opened on a phone, the malicious payload was downloaded to the device, which then opened a browser window that the phone user could not see. The browser went to sites offering paid subscriptions and after intercepting the confirmation codes, the malware enrolled the device owner in paid subscriptions through their cellular account which the application was able to access.

This app signed users up for expensive subscriptions without their knowledge

Last year, one of the most distributed malicious apps on the Google Play Store was Minecraft clones. Due to the popularity of the real Minecraft app, 35 million downloads have been recorded under names like Block Box Master Diamond. These apps contained adware called HiddenAds that served ads in the background that the user could not see. Even if it made money for bad actors, these apps would negatively impact the battery life of the phones they were installed on.

According to Kaspersky, malware called SpinOk was behind the biggest case of the year. Around 200 infected apps were installed, an incredible 451 million times. The apps were supposed to offer mini-games that would earn players cash rewards. But in reality, these apps collected user data and sent it to the threat actor’s command-and-control server.

One thing you can do to prevent yourself from installing malware is to check the comments section in the Play Store on every app from an unknown developer that you want to install. Forget positive reviews with high scores as these can be faked. Instead, check negative reviews with low ratings, as these will likely be the ones that tell you the real story behind the app.

Look for red flags in these comments from those who have the app installed on their phones. These complaints include reduced battery life, overheating, and a device constantly freezing. Also check the app’s Play Store listing for spelling mistakes and grammatical errors; If something doesn’t seem right, it’s best to refrain from installing the app.