Unsurprisingly, we routinely see a list of new apps appear (usually for Android) that pose a risk to user data, which can range from personal to financial data, thus generating a nice headache for those who have been victims.
In the most recent round of applications located by Dr.Web, we have applications with different profiles of approach and use, even pretending to be official apps and misleading the user, including cryptocurrency management apps, help tools for social benefits, investment clones, photo editors and a launcher inspired by iOS 15.
security
13 March
security
22 Feb
One of the examples can be seen below: the screenshots in question show 8 alleged apps related to Gasprom that propose false investment for those who downloaded, requesting the registration of an account and subsequent transfer of money to invest (something that obviously will not happen).
The list of applications that were cited by Dr.Web as problematic and with an embedded trojan were as follows:
- Up Your Mobile
- morph faces
- Power Photo Studio
- Launcher iOS 15
- Adorn Photo Pro
- chain reaction
- TOH
- Invest Gaz Incomes
- Gazprom Invest
- Gaz Investor
Another detail that drew attention in this new tour of potentially suspicious applications was that one of the previously reported apps (Top Navigation) was still available on the Play Store and its developer, with a profile of scam selling subscriptions in exchange for taking ads. .
New spyware mod for WhatsApp also mentioned
Also according to the Dr.Web report, trojanized versions of unofficial WhatsApp mods were found that use the name of known changes such as GBWhatsApp, OBWhatsApp or WhatsApp Plus to guarantee the click and thus, be able to have access to user information.
When installing these “trojanized” apps, malware is available on the device capable of capturing notifications from the Google Play Store and Samsung Galaxy Store through the Flurry stat service, in addition to downloading an additional APK that disguises itself as an update.
This new app works by delivering irregular dialog boxes with the presentation of content that seeks to redirect users to malicious websites.