Researchers at Trend Micro found recently that more than 200 Android applications are on the Google Play Store spreading spyware known as “Facestealer,” which aims to steal sensitive data from the compromised devices of the users.
Maximum of these Android applications are found to be masquerading as the following categories of the applications:-
- Fitness apps
- Photo editing apps
- Puzzle apps
These malicious applications steal all the essential data that you have voluntarily entered into the app and here they are:-
- Credentials
- Facebook cookies
- Other personal information
Further Analysis
Doctor Web reported the occurrence of FaceStealer in July 2021, and since then, it has been referred to as a set of fraudulent applications that are being exploited with the goal of obtaining sensitive details of Android users.
Out of the 200 malicious applications, 42 have been identified as VPN services, followed by cameras with a count of 20 and software for editing photographs with a count of 13.
In addition, Trend Micro’s latest report states that it discovered over 40 illegal applications which mine cryptocurrency. By using malware designed to trick users into watching ads and paying for subscriptions, these mining apps target users who are interested in virtual coins.
Malicious apps installed in the wild
The researchers claimed that this analysis is considered to be one of the “largest on-device study” of potentially harmful apps (PHAs) on Android. They conducted this study between 2019 and 2020 in which they analyzed more than 8.8 million apps installed on over 11.7 million devices.
In addition, 3,553 removed apps displayed inter-market migration after they were identified as PHAs, and this is a delay between the time they are identified and when they are removed.
On average, the researchers found that PHAs are lingering for a greater amount of time on the user’s device when they switch devices and from the backup, it automatically downloads the apps.
Recommendations
People who use these types of apps are get easily lured by Facestealer apps since it disguised as simple tools.
When it comes to fake cryptocurrency mining apps, their operators do more than just scam their victims into buying hoaxed cloud-based crypto mining services.
Users who are interested in what they offer are also asked for sensitive cryptocurrency information, such as private keys, in order to harvest private keys and other sensitive data that can be exploited.
While the experts have recommended some mitigations that should be followed by the users to mitigate such situations:-
- Always see robust AV tool
- Use multi-factor authentication
- Always check app reviews
- Make sure that you apply due diligence
- Don’t download apps from third-party sources.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
