A new set of malware and phishing Android apps has been discovered by Dr. Web. According to experts, these applications pretend to be useful utilities and system optimizers, but in fact they cause device crashes, annoying ads and poor user experience.
One of the applications that the researchers talked about was TubeBox, which is still available on Google Play. The app promises users cash rewards for watching videos and ads in the app. However, users will never be able to get their reward – TubeBox throws various errors when trying to get a reward for watching ads.
The researchers believe that in this way the app developers are trying to keep the victim in order to show them as many ads as possible, says SecurityLab.
According to Dr.Web researchers, before October of this year, there were several other applications on Google Play using a similar strategy:
- Bluetooth device auto connect (bt autoconnect group) – 1,000,000 downloads;
- Bluetooth & Wi-Fi & USB driver (simple things for everyone) – 100,000 downloads;
- Volume, Music Equalizer (bt autoconnect group) – 50,000 downloads;
- Fast Cleaner & Cooling Master (Hippo VPN LLC) – downloads.
All of the above applications were used to earn money from ad impressions on infected devices. But in the case of Fast Cleaner & Cooling Master, the attackers decided to go even further, turning the victim’s smartphone into a proxy server through which the operators sent their traffic.