New Alert Issued Against Trojan Android Apps On Google Play Store That Secretly Run And Decrypt Malicious Payloads

Security experts are raising the alarm against a range of Trojan apps spotted across the Google Play Store.

Such questionable apps have been downloaded nearly 620,000 times by so many users and have been operated unknowingly as editors for pictures and apps providing wallpapers.

The news comes to us thanks to antivirus provider Kaspersky who discovered the applications and now claims that the apps were quietly making subscriptions to paid services. These were unwanted and giving the bill to victims who didn’t notice what sort of dilemma they were entangled in.

The Trojans were also offering some features that users wanted and that is what made it so much harder to determine the real ones from those that were malicious. They would function in a very discreet manner and decrypt plenty of payloads that were designed to cause nothing but harm and community with a hacker’s server for command and control.

This particular malware functions by identifying the infected device and then which mobile carrier it makes use of. Moreover, the hacker’s server for command and control would then be seen returning with plages of paid subscriptions. Trojans would run those discreetly in backgrounds via non-visible browsers.

It then made attempts to subscribe which it allowed to function in the background via a non-visible browsing window. This Trojan would then make attempts to subscribe to the paid service while intercepting confirmation data send to the devices that were infected through alerts. All this time, the user had no clue what was happening.

Trojans were seen targeting those in Asia and they cited the presence of those mainly present in Thailand. But other reports did shed light on victims inside Poland, Singapore, and even Indonesia among other places.

This new malware is called Fleckpe and thankfully, after short notice, Google’s Play Store did manage to get rid of 11 such applications. But Kaspersky did warn how hackers may end up circulating a list of malicious apps of victims that were not identified.

Those affected often failed to realize how some of those affected arose from unwanted subscriptions immediately. So they are so unclear about how it all happened in the first instance, the security expert and anti-virus expert revealed. All of this makes way for Trojan subscriptions as the most reliable source of illegal income there is in the world for cybercriminals.

Google Play did mention how it does have plenty of safeguards in place that try to detect and stop malware from functioning. But at the same time, it hopes more and more users would be more alert and cautious when conducting app downloads from tiny vendors on their devices. It’s a great idea to see user reviews and visit the website of app developers. This would do a great job of differentiating what’s real from what’s fake.

Moreover, consumers would even consider adding antivirus products across various handsets for more protection at all times.


Read next: Goldman Sachs Report Reveals Creator Economy Could Reach Half a Trillion Dollars By 2027
Previous Post Next Post