Researchers Expose New, Hidden Techniques to Target Mobile and Gaming Users Worldwide

  • It was found that hackers use popular gamer chat apps and cheat videos as bait.
  • Attackers would hide by hacking the original developer’s Google Play account.

A computer security firm reported that modern hackers are using hidden mobile apps, third-party login, and counterfeit gaming videos as bait to target potential victims.

About the research


McAfee has identified a wide variety of methods, from backdoors to mining cryptocurrencies that hackers are practicing, expanding the ways of hiding their attacks.

  • Researchers disclosed that threats arose due to hidden apps has generated close to 50% of all the malicious activities in 2019.
  • It was found that hackers use popular gamer chat apps and cheat videos as bait.
  • Legitimate transit apps that contain location information, route maps, and more were also on the target of the hackers.

Hidden apps - the biggest mobile threat


According to McAfee, consumers face a major threat from hidden apps.

  • Besides accounting for 50% of all malicious activities in 2019, researchers observed a 30% rise in such attacks.
  • Hidden apps have an edge due to the fact that humans spend most of their time on mobile devices. Hackers take advantage of consumers using third-party login services or by serving unwanted ads.

Every person globally is expected to own numerous connected devices in the near future, which could further expand the attack surface.

Gaming communities - an easy trap


The more popular a game, the larger its reach.

  • Hackers distribute malicious apps via links in popular gamer chat apps and cheat videos, which basically contain links to fake apps.
  • Such apps are masqueraded with lookalike icons that closely mimic those of the real apps. The intention behind it is, however, to serve unwanted ads and collect user data.
  • As per researchers, there are fake versions of popular apps like FaceApp, Spotify, and Call of Duty to prey especially on younger users.

Third-party sign-on to leak sensitive information


Researchers uncovered a mobile malware dubbed ‘LeifAccess’ (or Shopper) and some transit apps being used by South Korean commuters.

  • The Shopper malware would gain access to Android features to create accounts, download apps, and post reviews using credentials stolen from the victim’s device.
  • Another malware dubbed ‘MalBus’ was found in a number of transit apps in South Korea that were being used to compromise data (such as bus stop locations, route maps, and schedule times for over 5 years) of daily commuters. Apps were embedded with a fake library and plugin that could exfiltrate confidential files.
  • Attackers would hide by hacking the original developer’s Google Play account.

Concluding thoughts


Undoubtedly, hackers aim to stay obscure while attempting to steal precious resources and important data from compromised devices.

It has become extremely critical for consumers and app developers to take cognizance of this rising trend of modern threats and follow the right steps to defend themselves against them.