million downloads Archives

AppWizard

March 31, 2025

Avoid Downloading Apps From Untrusted Sources, Google Warns Android Users

Google warns Android users about the risks of downloading apps from sources outside the Google Play Store, noting that such apps are 50 times more likely to contain malware. In 2023, Google removed around 2.3 million suspicious apps from the Play Store and banned over 300 apps that circumvented Android's security measures, which had over 60 million downloads and were involved in deceptive advertising and phishing schemes. Google is enhancing its Play Protect Live Threat Detection system to combat fake and dangerous apps. Recommendations for protecting phones include downloading apps only from the Google Play Store, checking reviews and ratings, installing security updates, and avoiding unknown links.

AppWizard

March 25, 2025

Malicious Android Apps Hide in Plain Sight, Target Millions of Devices

A malicious Android app campaign called “Vapor” has been discovered, designed to trick users into revealing sensitive information through misleading ads. This campaign includes various apps posing as utilities, such as QR code scanners and health trackers, with over 60 million downloads collectively. It primarily targets users in Brazil, the United States, and Mexico. Some apps have evaded detection by not showing harmful behavior immediately after installation and by disguising themselves. They use tactics like inundating users with full-screen ads and employing scare tactics to prompt downloads of additional harmful apps. The campaign may be run by a single cybercriminal group or a coalition, utilizing shared malware development tools. Despite Google removing many harmful apps, new variants continue to emerge, highlighting the evolving nature of mobile malware.

AppWizard

March 22, 2025

Nasty Android apps that steal credit cards and passwords downloaded 60 million times

Over 331 applications on the Google Play Store have been identified as potentially compromised by a widespread malware campaign, which has affected millions of Android devices. These malicious apps can steal sensitive information, including passwords and credit card details, and have accumulated over 60 million downloads globally. They often disguise themselves as benign utility applications, such as QR code scanners and fitness tools, and generate revenue through intrusive advertisements. The malware campaign began in April 2024, with many apps initially appearing benign before being updated with malicious components. Some apps can hide their icons and bypass Android security measures, making detection difficult. Victims are primarily located in Brazil, the United States, Mexico, Turkey, and South Korea. Despite Google's efforts to remove many of these apps, some remain active, and users must take proactive measures to protect their devices.

AppWizard

March 19, 2025

These malicious Android apps were installed over 60 million times – here’s how to stay safe

Cybersecurity experts from Bitdefender discovered an ad fraud scheme involving over 300 Android applications that collectively had more than 60 million downloads from the Google Play Store. These apps, which appeared as utility tools like QR scanners and health apps, mainly targeted users with older Android versions (Android 13 and earlier) and first appeared in the third quarter of 2024. As of the research's completion, only 15 of the identified apps were still active, with most affected users located in Brazil, and others in the United States, Mexico, Turkey, and South Korea. The deceptive apps concealed their icons, displayed intrusive ads without user consent, and attempted to harvest sensitive information. Many of these harmful apps have been removed from the Play Store, but users with them installed remain vulnerable. Signs of compromise include lagging, excessive ads, overheating, or unexpected data usage. Users are advised to uninstall suspicious apps and to use the latest version of Android, currently Android 15.

AppWizard

March 18, 2025

Malicious Android ‘Vapor’ apps on Google Play installed 60 million times

Over 300 malicious Android applications, identified as adware, have been downloaded 60 million times from Google Play. These apps, part of an operation called "Vapor," have attempted to steal sensitive user information and generate 200 million fraudulent advertising bid requests daily. The campaign was first uncovered by the IAS Threat Lab and has been active since early 2024. A total of 331 malicious applications were identified, with significant infections reported in Brazil, the United States, Mexico, Turkey, and South Korea. Notable offenders include AquaTracker, ClickSave Downloader, Scan Hawk, Water Time Tracker, Be More, BeatWatch, TranslateScan, and Handset Locator, each with varying download counts. The apps disguise themselves as utilities and employ tactics to evade detection, such as disabling their Launcher Activity and creating fullscreen overlays for ads. Users are advised to avoid unnecessary apps from unverified publishers and regularly check installed applications.

AppWizard

March 18, 2025

Hundreds of malicious Android apps with 60 million downloads found spamming Android users with ads and stealing credentials

Bitdefender has identified at least 331 malicious applications on the Google Play Store, which have been downloaded over 60 million times. These apps, including QR code scanners and simple games, can display intrusive advertisements and compromise user data. A list of some remaining malicious apps includes ShapeUp, Beautiful Day, Destiny Book, Dropo, Handset Locator, Body Scale, Cache Sweep TEL: Clean, Five in a Row, Massm BMI, and Water Note. Many of these apps can bypass Android security measures, initiate without user interaction, and may launch phishing attacks. Users are advised to avoid these apps, manually remove any malicious apps they may have installed, and enable Google Play Protect for added security.

AppWizard

March 18, 2025

Large-Scale Malicious App Campaign Bypassing Android Security

A recent analysis by Bitdefender has revealed a significant ad fraud campaign resulting in over 60 million downloads of malicious applications from the Google Play Store. The campaign involves at least 331 applications that can bypass Android's security measures, allowing them to remain undetected and activate without user interaction. These apps, which often disguise themselves as utility tools, are capable of displaying advertisements and launching phishing attacks without necessary permissions. Some of the malicious apps have been updated and continue to be active, while Google has been notified and is investigating the issue. The attackers employ various methods to conceal their apps, including hiding icons and exploiting system vulnerabilities. They also use custom command and control domains with encryption techniques to complicate detection efforts.

AppWizard

March 18, 2025

331 Malicious Apps with 60 Million Downloads on Google Play Bypass Android 13 Security

Security researchers at Bitdefender have identified a major ad fraud operation involving 331 malicious applications on the Google Play Store, which have over 60 million downloads. These apps exploit vulnerabilities in Android 13 to bypass security measures and conduct phishing attacks, ad fraud, and credential theft. The malicious apps disguise themselves as utility tools, such as QR scanners and health apps, and display intrusive full-screen ads even when not in use. They also attempt to collect sensitive user data without requiring typical permissions, indicating advanced manipulation of Android APIs. The attackers employ various techniques to evade detection, including hiding app icons, launching activities without user interaction, and using persistence mechanisms to remain active on devices. Most of these apps were first active on Google Play in the third quarter of 2024, initially appearing benign before being updated with malicious features. The latest malware was uploaded to the Play Store as recently as March 4, 2025, with 15 apps still available for download at the time of the investigation. The attackers likely operate as a single entity or a collective using similar packaging tools from black markets. They utilize advanced obfuscation techniques to avoid detection, including string obfuscation, polymorphic encryption, runtime checks for debugging, and native libraries obfuscated with specialized tools. This situation highlights significant vulnerabilities in Android's security framework and emphasizes the need for robust third-party security solutions, as attackers continue to adapt their methods.

BetaBeacon

March 11, 2025

Odin: Valhalla Rising is launching this year as Kakao Games brings their hit MMORPG global

Odin: Valhalla Rising, an MMORPG based on Norse mythology, is going global this year with pre-registration starting on April 3rd. It has already been a big hit in Asia with 17 million downloads. The game features four realms and four classes, promising next-gen quality graphics and gameplay.

AppWizard

March 9, 2025

Google Confirms Play Store App Deletion—Check Your Phone Now

A report has revealed an extensive ad fraud scheme called "Vapor," which has infiltrated the Google Play Store with over 180 malicious applications that garnered more than 56 million downloads before being removed by Google. These apps, which mimic legitimate applications, primarily target categories like flashlight utilities, QR code readers, and horoscope generators. They initially appear functional but later remove legitimate features in updates, replacing them with intrusive advertisements that hijack the device's interface. Some vapor apps achieved over one million downloads, aided by app install schemes that inflated their rankings. Google has committed to removing violating apps and provides Google Play Protect to safeguard users. Users are advised to be cautious and avoid installing low-value applications to mitigate risks.