Hundreds of malicious apps are lurking on the Android Play Store, and have already been downloaded by millions

News
By
published

Over 200 apps have been downloaded nearly 8 million times

Android apps
(Image credit: Shutterstock)

We’ve all made the mistake of downloading some useless apps at one point or another, but there used to be a degree of certainty that the fake beer drinking app or the wild west sound effect buttons wouldn’t turn out to be spyware - as long as you got it directly from an official app store. However, new research from Zscaler says this might not be the case anymore.

The company's latest ThreatLabz OT Threat Report has identified over 200 malicious apps available on the official Android app store, which have already been downloaded by 8 million users so far.

The news comes alongside a 101% rise in spyware year-over-year, as well as a 29% increase in banking malware attacks, suggesting the motives for the attacks remain primarily financial, as banking malware allows threat actors to steal your credentials not just to use themselves, but also to sell on to other criminals.

More than a few bad apples

The targets of these attacks mirror research on other types of cyberattack, with the education, technology, and manufacturing sectors experiencing the most incidents.

Education proves once again to be attractive to cybercriminals, and saw a 136% increase in attacks in the last year.

As more and more of us work from home, we introduce more software to enable us to connect or for productivity in hybrid environments, but these open the landscape up for threat actors to exploit.

"Cybercriminals are increasingly targeting legacy exposed assets which often act as a beachhead to IoT & OT environments, resulting in data breaches and ransomware attacks," said Deepen Desai, Chief Security Officer at Zscaler.

"Mobile malware and AI driven vishing attacks adds to that list making it critical for CISOs and CIOs to prioritize an AI powered zero trust solution to shut down attack vectors of all kinds safeguarding against these attacks."

These are not the first reports of infected apps even from the official Play store, so we recommend checking reviews, number of downloads, and ratings when looking for something new.

More from TechRadar Pro

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.