Android apps on APKPure store caught spreading malware

Android apps on APKPure store caught spreading malware

APKPure, a popular third-party and unofficial alternative hub to download Android and iOS applications, was recently infiltrated with malware that is used to download Trojans to other Android devices.

Even though Google Play is the most official Android app store, some vendors avoid using it because it is only available on devices that use Google Mobile Services (GMS) so the vendors not wanting to use GMS libraries, choose to be independent and use alternative stores such as APKPure.

SEE: Fake reviews, third-party apps cause 50% of threats against Android

These app stores only host free or shareware apps and even though APKPure’s owners say that all the apps in its shops are all clean and scanned by Google, researchers have found that APKPure itself is not quite as safe. 

It appears that APKPure version 3.17.18 has been tampered with in an attempt to trick the oblivious users into downloading and installing malicious applications linked to the malicious code built into the APKPure app. This is achieved through the advertisement SDK that has been embedded with a Trojan dropper being fitted into the new version 3.17.18.

This discovery was reported by researchers from Doctor Web and Kaspersky who also found that when launched, the Trojan runs a payload that can show ads on the lock screen, open browser tabs, collect device information, and most importantly, download other malware onto Android devices. 

“This trojan belongs to the dangerous Android.Triada malware family capable of downloading, installing, and uninstalling software withou ..