malicious apps

AppWizard
December 18, 2025
A new Android malware campaign has been launched by the North Korean threat actor Kimsuky, introducing a variant called DocSwap. This malware is distributed via QR codes on phishing websites that impersonate CJ Logistics. Attackers use QR codes and notification pop-ups to lure victims into downloading the malware, which decrypts an embedded APK and activates Remote Access Trojan (RAT) capabilities. The malicious app is disguised as a legitimate application to bypass Android's security measures. Victims are tricked into installing the app through smishing texts or phishing emails that mimic delivery companies. The app downloads an APK named "SecDelivery.apk," which then loads the malware. It requests permissions to access various device functions and registers a service that simulates an OTP authentication screen. The app connects to an attacker-controlled server, allowing execution of commands such as logging keystrokes, capturing audio, and gathering sensitive information. Additionally, two other malicious samples have been identified, disguised as a P2B Airdrop app and a trojanized version of the BYCOM VPN app. The campaign also includes phishing sites mimicking popular South Korean platforms to capture user credentials.
AppWizard
December 17, 2025
Android users are warned about fraudulent VPN applications that pose significant security threats by installing malware on devices and compromising personal and banking information. These malicious apps mimic reputable VPNs and use enticing advertisements to lure users. Once installed, they can introduce various forms of malware, including trojans and remote access tools, leading to severe consequences such as unauthorized access to personal accounts and financial loss. Cybercriminals employ sophisticated tactics, including professional advertising and AI-generated content, to create an illusion of legitimacy. Google advises users to download VPN services only from trusted sources, look for the verified VPN badge on the Google Play Store, and be cautious of free VPN services that may collect excessive data or contain malware.
AppWizard
December 2, 2025
Recent findings have revealed that certain widely-used Android applications have been involved in an adware campaign, identified as 'GhostAd', which drains phone resources and disrupts normal usage. This malicious software disguised itself as utility and emoji-editing tools and infiltrated at least 15 applications, targeting unsuspecting users. Many of these compromised apps were available on Google’s Play Store, including the GenMoji Studio app, which became popular in the 'Top Free Tools' category. Users reported issues such as disappearing app icons, intrusive advertisement pop-ups, and sluggish device performance after installation. Google has removed all compromised applications from its Play Store, but users who installed them must manually delete the harmful software. Check Point noted that the GhostAd campaign blurs the line between marketing and malware, repurposing users' phones to generate revenue. To protect against future threats, users are advised to scrutinize app reviews, verify the app creator's reputation, and exercise caution with permissions.
AppWizard
November 27, 2025
The author's father struggled to open a PDF on his HONOR phone, despite the device's native office suite supporting PDF files. He downloaded multiple misleading PDF apps from the Play Store, which did not resolve the issue. Eventually, he received a deceptive alert suggesting he update his PDF application, which led him to download yet another app. The problem was resolved when the author advised him to uninstall WPS Office, eliminating the misleading alerts and allowing PDFs to open correctly. A report from Malwarebytes indicated that only 15% of users feel confident identifying scams, highlighting the challenges users face in navigating the Android ecosystem. The Google Play Store has been criticized for hosting low-quality apps and deceptive ads, with a report from Zscaler noting the presence of hundreds of malicious apps. The author emphasizes the need for stricter advertising practices and better management of preinstalled apps to protect less tech-savvy users.
AppWizard
November 26, 2025
Hundreds of Android applications have been compromised by SlopAds ad fraud malware, leading to their removal from the Google Play Store. A total of 224 apps were identified, collectively downloaded over 38 million times. The malware employs techniques like steganography to hide its activities and redirect users to malicious sites. Google has removed all identified malicious apps and will alert users to uninstall them. Android users are advised to activate Google Play Protect for enhanced security. The ad fraud undermines the integrity of legitimate advertisers and developers.
AppWizard
November 6, 2025
- There has been a 67% year-over-year increase in malware aimed at mobile devices.
- A 387% rise in IoT and OT attacks has been observed, particularly in the energy sector.
- Researchers identified 239 malicious applications on the Google Play Store, which collectively had 42 million downloads.
- A significant amount of malware was found in the "Tools" category, where malicious apps disguised themselves as legitimate productivity tools.
- The manufacturing sector is a primary target for mobile and IoT attacks, with manufacturing and transportation industries accounting for 20.2% of all observed IoT malware attacks.
- Mobile attacks are primarily concentrated in India, the United States, and Canada, with the U.S. being the epicenter for IoT threats, accounting for 54% of incidents.
- India leads in mobile attacks at 26%, followed by the U.S. at 15% and Canada at 14%, with India experiencing a 38% increase in mobile threat attacks compared to the previous year.
- There is a shift from card-focused fraud schemes to mobile payment methods among threat actors.