This post is also available in:
עברית (Hebrew)
In a concerning revelation, the Zscaler ThreatLabz research team has uncovered more than 200 malicious applications on the Google Play Store, collectively downloaded nearly eight million times. This alarming discovery highlights the growing threat of mobile malware, as cybercriminals increasingly target mobile users with sophisticated tactics.
As mobile phones become the primary device for online activities, malicious actors are intensifying their efforts to exploit vulnerabilities. According to Zscaler’s report, which is based on 20 million blocked malicious transactions, mobile spyware skyrocketed by 111%. “It’s clear that threat actors are increasingly motivated by the profitability of attacks,” Zscaler stated.
A particularly troubling discovery is that some threat actors were able to bypass multifactor authentication (MFA) through various phishing tactics using fake login pages. Additionally, QR codes are being used to distribute malicious software, with the notorious Anatsa banking malware affecting over 650 financial institutions globally.
The report warns that attackers often disguise Android remote access trojans within fake Skype, Zoom, and Google Meet sites, tricking users into downloading malicious APK files. According to Cybernews, even trusted platforms like the Google Play Store are not immune, as evidenced by the discovery of the Joker malware, which accounted for 38% of the identified malicious apps. This malware subscribes users to premium services without their consent, leading to unexpected charges.
Cybernews also reported that Adware represented 35% of threats, while 14% were Facestealers, aimed at exfiltrating Facebook credentials. ThreatLabz warns that many malicious apps masquerade as legitimate tools, such as PDF readers or file managers, deploying malware under the guise of helpful software.
Despite the grim landscape, Zscaler reports a decline in overall Android malware transactions since June 2023, with monthly blocks averaging 1.7 million. Most mobile malware targets users in India (28%), the U.S. (27%), and Canada (15%).
As mobile threats continue to evolve, users must remain vigilant and employ protective measures, such as enabling Google Play Protect, which provides automatic defense against known malware.
