It’s a whole underground world with its own rules, market prices, and reputational institutions, an overview of which we present in this report.
It is especially important to analyze how this threat originates, because many cybercriminals work in teams, buying and selling Google Play accounts, malware, advertising services, and more. With many examples of malicious and unwanted apps on Google Play being discovered after complaints from users, we decided to take a look at what the supply and demand of such malware on the dark web looks like. Malicious apps get removed from Google Play as soon as they are found, but sometimes after having been downloaded a number of times. For instance, they may upload a benign application, then update it with malicious or dubious code infecting both new users and those who have already installed the app.
These are usually policed vigorously, and apps are pre-moderated before being published however, the authors of malicious and unwanted software employ a variety of tricks to bypass platform checks. Although the most common way of distributing such installers is through third-party websites and dubious app stores, their authors every now and then manage to upload them to official stores, such as Google Play. In 2022, Kaspersky security solutions detected 1,661,743 malware or unwanted software installers, targeting mobile users.
0 kommentar(er)
