New Waves of Cyber Threats Hitting Android Users

Users of Android devices have been increasingly exposed to a wide variety of threats, including fake applications, malware, adware, and more.

What is happening?

In the past few weeks, several fake apps pretending to be related to Minecraft and other educational games were observed targeting Android users across the globe.
  • More than 20 fake Minecraft modpacks were discovered on Google Play, delivering abusive ads. The most popular one among these had more than one million installations.
  • Just a few days ago, seven mobile apps for Android were found fooling the fans of Minecraft and Roblox, charging them hundreds of dollars for game skins, wallpapers, and game mods for Minecraft and other games at premium prices. Five of these apps had more than a million downloads each.

Recent waves of malware threats

Besides being targeted via fake apps, Android users have witnessed several waves of attacks from multiple malware in the past few weeks.
  • A new wave of attacks by the Wroba trojan was observed targeting Android smartphone users in the United States and Asia.
  • GravityRAT, which previously focused only on Windows machines, has been further enhanced by its authors with capabilities to target Android and macOS devices as well.
  • The DoNot APT threat group was found abusing the Google Firebase Cloud Messaging server for C&C communication with its new Android malware loader dubbed Firestarter.

Additional revelations

According to recent research by Symantec, Google Play Store has been identified as the primary source of malware installs on Android devices.
  • The study covered over 7.9 million unique Android apps, that were installed over 34 million times.
  • According to the study, around 67% of the malicious app installs came from the Google Play Store.

The bottom line

Looking at the increasing threats on Android devices, experts suggest adopting additional layers of security, such as a mobile-focused anti-malware solution and multi-factor authentication wherever possible. Additionally, users need to be extra cautious while installing new apps and check for reviews and comments from other users.