Cybercriminals are constantly evolving their tactics to stay ahead of cybersecurity measures, much to the despair of innocent smartphone users. This makes it crucial for users and businesses to stay vigilant and adopt robust security measures, because if they don't, they stand to lose their valuable data and money to hackers.
Cybersecurity company Trend Micro has found two new types of Android malware called CherryBlos and FakeTrade on the Google Play Store, according to a report by BleepingComputer. But these harmful apps are not limited to the Play Store; they are also spreading through social media and fake websites in the form of APK files that people can install.
The harmful apps utilize different ways to spread, such as social media, phishing sites, and deceptive shopping apps on Google Play, which is the official app store for Android.
CherryBlos is a cryptocurrency stealer that exploits Accessibility service permissions to fetch configuration files from the C2 server, auto-approves additional permissions, and stops users from detecting and deleting this malicious app.
In a recent blog post, Trend Micro mentioned that they noticed the CherryBlos malware being spread as an APK in April of this year. The malware was being advertised on Telegram, Twitter, and YouTube as a cryptocurrency mining app called SynthNet, claiming to be powered by AI. It was also available on the Play Store, but luckily, Google removed it after only a few thousand downloads.
Trend Micro analysts also discovered a concerning campaign named "FakeTrade" on Google Play Store. In this campaign, 31 fraudulent apps were identified, all referred to as "FakeTrade," which were utilizing identical C2 network infrastructures and certificates as the
Read more on tech.hindustantimes.com