A large-scale fraud campaign has infiltrated the Google Play Store, bypassing Android 13's security features and resulting in over 60 million downloads of malicious applications. These apps display out-of-context advertisements and launch phishing attacks.
The report highlights that cybercriminals exploited Google Play's vetting process, ensuring that many of these applications initially appeared benign upon launch. Once installed, the apps engage in various malicious activities, including:
Displaying out-of-context ads that disrupt the user experience.
Hiding their icons from the device's launcher, making manual removal difficult.
Launching phishing attacks to steal credentials and financial data.
Security researchers from Integral Ad Science (IAS) Threat Lab uncovered over 180 apps involved in this campaign, dubbing the threat "Vapor" due to its ability to hijack user screens and render devices inoperative. Bitdefender's security researchers discovered the campaign is larger, featuring at least 331 apps that were available via the Google Play Store.
This is one of the reasons why users can't rely solely on the protection available by default on Android devices and the Google Play Store.
Google has been actively removing hundreds of malicious apps from the Play Store this month. Despite these efforts, cybercriminals continue to find ways to bypass security measures.
The attackers are leveraging various techniques to evade detection and maximize their impact:
Abusing Android's Content Provider Mechanism: Attackers use native code to enable the launcher.
Hiding App Icons: The apps abuse Android's content provider mechanism and leverage native code to disable the app icon.
Bypassing Android 13 Restrictions: The apps can start without user interaction, even though this should not be technically possible in Android 13.
Examples of Malicious Applications
The applications mimic simple utility apps like:
QR scanners
Expense tracking apps
Health apps
Wallpaper apps
Users are advised to be cautious when downloading apps from the Google Play Store and to:
Check app reviews and developer information before installing.
Be wary of apps requesting excessive permissions.
Use a mobile security solution to detect and remove malicious apps.
If you discover that you have installed any of those apps, remove them immediately and run a complete system scan with Google Play Protect (or other mobile AV products).
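Because these apps hide their launcher icons, finding them for removal means asking the package manager rather than scanning the home screen. The triage sketch below is an added example, not code from this article or from the IAS or Bitdefender research; it assumes the output shapes of `adb shell pm list packages -3`, `adb shell cmd package query-activities --components` and `adb shell dumpsys package <pkg>`, and every package name and sample line in it is constructed.

```python
import re

# Constructed sample of `adb shell pm list packages -3` (user-installed packages).
THIRD_PARTY = """\
package:com.example.qrscanner
package:com.example.expenses
package:com.example.keyboard
package:com.example.notes
"""

# Constructed sample of `adb shell cmd package query-activities --components
#   -a android.intent.action.MAIN -c android.intent.category.LAUNCHER`.
LAUNCHER = """\
com.android.settings/.Settings
com.example.notes/.MainActivity
com.example.expenses/com.example.expenses.ui.Home
"""

# Constructed excerpts of `adb shell dumpsys package <pkg>` (layout is an assumption).
DUMPSYS = {
    "com.example.qrscanner": """\
    User 0: installed=true hidden=false
      disabledComponents:
        com.example.qrscanner.MainActivity
      enabledComponents:
        com.example.qrscanner.AdActivity
""",
    "com.example.keyboard": "    User 0: installed=true hidden=false\n",
}

def third_party(text):
    """Package names from `pm list packages -3` output."""
    return {l.split(":", 1)[1].strip() for l in text.splitlines() if l.startswith("package:")}

def launcher_packages(text):
    """Packages owning at least one enabled MAIN/LAUNCHER component."""
    return {m.group(1) for m in re.finditer(r"^\s*([\w.]+)/\S+\s*$", text, re.M)}

def disabled_components(dump):
    """Component names listed under 'disabledComponents:' in a dumpsys excerpt."""
    out, active = [], False
    for line in dump.splitlines():
        s = line.strip()
        if s.endswith(":"):          # a new section header starts
            active = (s == "disabledComponents:")
        elif active and s:
            out.append(s)
    return out

def triage(third_text, launcher_text, dumps):
    """Map each icon-less third-party package to the components it has disabled."""
    hidden = third_party(third_text) - launcher_packages(launcher_text)
    return {p: disabled_components(dumps.get(p, "")) for p in sorted(hidden)}
```

A package with no launcher entry and a disabled activity of its own deserves a closer look first; input methods and similar services legitimately ship without an icon, so an empty list is a weaker signal.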
Anthony Denis is a Security News Reporter with a Bachelor's in Business Computer Application. Drawing from a decade of digital media marketing experience and two years of freelance writing, he brings technical expertise to cybersecurity journalism. His background in IT, content creation, and social media management enables him to deliver complex security topics with clarity and insight.