Billing Fraud Apps from Google Play Store Infect 750,000 Users with Joker Malware

Researchers have uncovered a new set of fraudulent Android apps in the Google Play store that were found to hijack SMS message notifications for carrying out billing fraud.


The apps in question primarily targeted users in Southwest Asia and the Arabian Peninsula, attracting a total of 700,000 downloads before they were discovered and removed from the platform.


The findings were reported independently by cybersecurity firms Trend Micro and McAfee.





"Posing as photo editors, wallpapers, puzzles, keyboard skins, and other camera-related apps, the malware embedded in these fraudulent apps hijack SMS message notifications and then make unauthorized purchases," researchers from McAfee said in a Monday write-up.


The fraudulent apps belong to the so-called "Joker" (aka Bread) malware, which has been found to repeatedly sneak past Google Play defenses over the past four years, resulting in Google removing no fewer than 1,700 infected apps from the Play Store as of early 2020. McAfee, however, is tracking the threat under a separate moniker, "Etinu."



The malware is notorious for perpetrating billing fraud and for its spyware capabilities, including stealing SMS messages, contact lists, and device information. The malware authors typically ..
