Highlights
- Over 600 million malware-infected apps downloaded from Google Play Store.
- Majority include mini-game ads and clones of Minecraft with hidden adware.
- SpinOk malware found in more than 100 apps, secretly collecting user data.
- Fleckpe subscription Trojan identified in Play Store apps, subscribing users to paid services.
A recent Kaspersky report has raised concerns about the presence of malware on the Google Play Store, with a staggering 600 million downloads of malicious apps in 2023.
These apps, which often masquerade as innocuous or even beneficial programs, pose a serious threat to Android users.
Kaspersky’s investigation revealed that the majority of these downloads were of apps containing in-app mini-game ads, with a total of over 451 million downloads.
These games, while seemingly harmless, are designed to collect user data without their knowledge.
A particular malware, SpinOk, was found in more than 100 apps, using the guise of offering monetary rewards to entice users.
The report also highlighted the issue of apps with hidden ads, which amassed over 100 million downloads.
Clones of the popular game Minecraft, infected with adware, were downloaded over 35 million times.
These clones, 38 in number, were especially deceptive as they mimicked the highly downloaded Mojang’s Minecraft.
Apps promising monetary rewards for physical activities also proved to be a trap, with 20 million downloads.
These health and activity tracker apps falsely offered rewards for achieving fitness goals.
Moreover, the report identified over 40 apps, downloaded 2.5 million times, that contained background adware.
The investigation found two file manager apps, downloaded 1.5 million times, which secretly collected user data like contacts, location, photos, and more, and sent it to servers in China.
These apps falsely claimed to respect user privacy.
Additionally, Kaspersky uncovered apps infected with the Fleckpe subscription Trojan on the Play Store.
When run, these apps installed malicious software that collected information about the user’s country and mobile operator.
They then opened web pages with paid subscriptions and signed up the user for these services without their consent.
This concerning report underscores the ongoing challenges in maintaining security on platforms as large and widely used as the Google Play Store.
FAQs
What was the main finding of the Kaspersky report on Google Play Store?
Kaspersky’s report revealed that users downloaded over 600 million malware-infected apps from the Google Play Store in 2023. These apps included those with mini-game ads and Minecraft clones that harboured hidden adware, posing significant security risks to users.
What type of malware was most commonly found in these apps?
The report identified the SpinOk malware in more than 100 apps, primarily featuring in-app mini-games that promised rewards. This malware was used to collect user data covertly. Additionally, many apps were found to be infected with hidden adware and the Fleckpe subscription Trojan.
How did the Fleckpe subscription Trojan affect users?
The Fleckpe subscription Trojan, found in several Play Store apps, installed a malicious payload on users’ devices. It collected information like the user’s country and mobile operator, then opened web pages with paid subscriptions, unknowingly subscribing users to these services.