Hundreds of Malicious Android Apps Masked as Anti-virus Software

With the recent surge in ransomware attacks, it is no surprise to see that attackers have capitalized on the opportunity and played on people’s fears by offering them Android anti-virus apps that are, in reality, another malware.

The hunt for anti-virus apps

It goes without saying then, that given the dangers and prevalence of ransomware, users have resorted to downloading various anti-virus apps in an attempt to avoid potential accidents. However, as RiskIQ, found, users need to be more careful as the anti-malware solutions might just be another prank disguised as authentic software.

RiskIQ researched a number of apps that appeared to be anti-virus software and scanned them using its own mobile database. It was revealed that most of them were simply another form of adware.

A total of 6,295 Android apps popped up when the word “Antivirus” was searched and of the total, over 700 apps were shown in the blacklisted category, implying that in reality, the apps were not what they claimed to be.

Moreover, the test was run to see how many apps have been listed on Google Play Store and the results showed that out of the 655 apps on Google play, 131 were blacklisted. 

On the right it’s one of the apps labeled “Androids Antivirus” on Google Play Store – On the left is the result of VirusTotal search showing almost every anti-virus has detected that the app is containing a trojan. (Image Source: RickIQ)

It was also found that over 4,290 apps were active and 525 were blacklisted. Overall, it was revealed that Google Play had blacklisted 20% of anti-virus apps which was higher than the usual 11%.

However, RiskIQ states that not all of the apps that are blacklisted may contain malware. Nevertheless, if an app is shown as risky by a trusted anti-virus vendor or by a group of them, then it is safe to say that a particular app is far from safe. Some of the apps scanned by RickIQ were:

“MP Security Antivirus App Lock, “Antivirus Malware Trojan,” “Mobile Antivirus Security Info” and “Androids Antivirus” etc.

The emergence of the ransomware epidemic

We all know the devastating effects of the WannaCry ransomware attack and the fear that it created in people’s minds as they ran for anti-malware solutions in order to protect themselves from the attack. Indeed, even after several weeks of the attack, the effects are prevalent.

Nevertheless, ransomware attacks have seemingly taken a new course where they have increased in popularity among the cybercriminal community. We have even seen the rise of MacRansom (The Most Sophisticated Mac Ransomware) which is the first of its kind to have attacked a Mac instead of the mainstream Windows.

We saw the recent campaigns that attack users’ systems by encrypting their files and demanding ransom in bitcoins. The phenomenon has grown to become an epidemic where the dark web has well-established marketplaces in which such tools are being traded ever so openly.

Protecting yourself

As you can see, the best way to protect yourself is only to use legitimate and official websites and platforms to download anti-virus apps. Avoid downloading apps from third-party stores and always go through permissions an app is asking for. Stay safe online.

DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.

Related Posts