Malicious Reward Apps Trick Over 2 Million Android Users

Heads up, Android users! Researchers have found numerous shady reward apps on Play Store targeting Android users. The malicious apps barrage users with tons of ads if they wish to cash out rewards, which never happens.

Malicious Reward Apps On Android

According to a recent post from Dr. Web, the researchers caught multiple malicious reward apps flooding the Google Play Store.

As explained, they observed a spike in the emergence of Android trojans and adware campaigns in December, including a dedicated adware campaign involving the Play Store.

The malicious apps impersonated fake reward apps, luring users with things like financial education, crypto markets, and company shares. Whereas some other apps also mimicked games and fitness applications.

The apps seemed harmless, seeking personal details from the users to serve the purpose. When provided, the app would then offer various app rewards, such as virtual coins, which the users could cash out.

But in reality, the apps would never allow them to cash out the rewards. Instead, they displayed numerous apps to the users first to meet the withdrawal requirement and then, to accelerate the withdrawal process.

Dr. Web has shared a detailed list of such malicious apps in its post, urging users to steer clear of them. Nonetheless, it seems that the apps successfully garnered a huge victim base as each boasts thousands of downloads.

Watch Out For Fake Apps

It is recommended to download apps from the official app stores, such as the Google Play Store for Android. But it doesn’t mean that all apps listed in these stores are reliable. While Google implements a robust vetting process before allowing apps, still, some sneaky adversaries succeed in ditching these reviews.

Many times, apps go rogue after establishing themselves first on the Play Store, garnering a substantial number of downloads. Therefore, the best practice to avoid falling victim to such scams is only to download apps from trusted developers.

Essentially, users should make it a habit to verify the developer first by checking its contact details and history before installing an app.

Moreover, users should also carefully review the permissions an app requires before randomly allowing everything. Any apps asking for unnecessary permissions are risky. For instance, a flashlight app has nothing to do with your device store. Similarly, a calculator app should not request access to your device’s camera and microphone.

The more users remain careful while downloading apps, even from the official app stores, the better they can avoid scams.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients