Scams are everywhere. Looming from every corner of the Internet. Even in the Android app market. They appear in many forms. Ranging from email spam to online scams. But this one – this one is a little bit different. It is different because hundreds of scam apps hit over 10 million Android devices. And you just might be one of them.
The so-called GriftHorse campaign used clever techniques to avoid detection in Google Play for nearly a year. So, we will dedicate this post to Your online security.
We just got the news that Google bans 151 Android Apps. Fake Android apps are spotted on the Google Play Store. This massive scamming campaign has plagued Android since November 2020.
Avast has been reporting on a scam campaign named UltimaSMS in recent weeks. According to the company 151 apps were part of the premium SMS scam campaign.
There are variety of apps you should avoid. Because the scam masks itself as a legitimate tools, like photo editors and camera filters to games and even QR code scanners. But they do have a hidden agenda. And that is to sign up users for expensive SMS services.
Apps like “Handy Translator Pro”, “Heart Rate and Pulse Tracker” and “Bus – Metrolis 2021” are just a few of them. Looking rather benign and even useful, but they do act as a front for a malicious code to execute in the background.
What is Google Camera (GCam)? How to Install? – Tech in Deep
How to Install XML Configs in Google Camera – Tech in Deep
What is the Camera2 API? How to Enable? – Tech in Deep
The Scam Flow
Once the application is installed on Your Android device, it will flood the victim with notifications. Prompting the user to “confirm” their phone number and claim a prize. Now here is the twist. A claim page would load through an in-app browser, thus keeping the application code clean and impossible to be detected as malicious. So the app code is clean, but the page that is loaded via your browser is a whole different story.
Once the user would enter their number, the attackers would sign them up for a monthly recurring charge of about $42 through the so called premium SMS service. But the money doesn’t go towards any service of any kind. It goes directly to the crooks.
With a conservative estimate of 10 million potential victims the criminals cashed in hundreds of millions of dollars. A staggering amount for a potentially unsolvable problem. The attackers were able to string these known approaches together in a way that was still extremely effective.
List of Malicious Android Apps
Ultima Keyboard 3D Pro
VideoMixer Editor Pro
FX Animate Editor Pro
Battery Animation Charge 2021
Dynamic HD & 4K Wallpapers
RGB Neon HD Keyboard Background
AppLock X FREE
NewVision Camera
Ultra Camera HD
Wi-Fi Password Unlock
Wi-Fi Around: All Wi-Fi and Hotspots Unlock
Colorful Call Screen & Phone Flash
Waterdrinker Reminder
GT Sports Racing Online
Magic Fonts and Keyboard 2021
All Language Photo and Voice Translator Al
Crime City: Revenge
Reface Ultra
Projector HD/AR Video Editor
LivePhoto Animator
Ludo Masterpiece Online
Mobile Scanner Pro: PDF Scanner App, Scan to PDF
Magic Mix Cut – Super Video Editor
Future Scanner FREE 2021
Pro Video Downloader 2021
AmazeTranslate
Football Masters 2021
New Body Shape Editor
Call Voice Recording 2.0
Pro Tuber Ad Blocker for Video
Fitness Ultimate 2021
Wallpaper XYZ Pro
MAKECOMMENT