Android fans have been put on alert about terrifying malware that’s hidden away in apps for Google’s leading mobile OS.
Android is one of the most popular pieces of software in the world, with it used by more than two billion people each month.
However Android users are no strangers to security alerts, with some recent widespread threats being circulated via apps found on the Goole Play Store.
Six Android apps that were downloaded a staggering 90million times from the Google Play Store were found to have been loaded with the PreAMo malware.
While another recent threat saw 50 malware-filled apps on the Google Play Store infect over 30million Android devices.
And now Android users are being warned once again about a terrifying piece of malware that is targeting users of the Google mobile OS.
Security experts have discovered spyware on Android apps that, at first glance, look just like popular programmes for the Google OS.
However, in actuality these apps are fake and convincing looking versions of popular Android downloads.
The surveillance malware was loaded onto fake versions of Android apps such as Evernote, Google Play, Skype and PornHub.
The fake apps were discovered by Canadian cybersecurity company Lookout, and the apps were reportedly created by a Russian firm.
The St Petersburg-based Special Technology Center had previously been hit by sanctions over the 2016 US election hacks, according to Forbes.
Cybersecurity experts discovered the fake apps stole passwords and also turned Android phones into listening devices.
This was done via the Monokle tool which can record home screens of locked Android phones to steal passwords and eavesdrop on calls.
The Android malware has been targeting Google devices since 2016 with a spike in activity early last year.
Lookout said English speakers were among those likely targeted by the Android spyware.
Others believed to have been targeted are those in Caucaus regions and those interested in the Syrian Ahrar al-Sham militant group.
In a blog post Lookout said: “Monokle appears in a very limited set of applications which implies attacks using Monokle are highly targeted.
“Many of these applications are trojanized and include legitimate functionality, so user suspicion is not aroused.
“Lookout data indicates this tool is still being actively deployed.”
Google have said that none of the fake apps were ever hosted on the official Google Play Store.
They added that Android users should receive a warning if Google Play Protect detects the spyware on a device.
• Stay tuned to Express.co.uk for more Android news and Google updates
Source: Read Full Article