Millions of malicious Android app downloads found on Google Play: report

Malicious apps on Google Play are often used by cybercriminals to distribute adware, malware and mobile banking Trojans. It was recently discovered that over 90 such apps were installed on Google Play, over 5.5 million.

The apps have been used to distribute malware, including a banking Trojan that is reported to target more than 650 apps of financial institutions in Europe, the US, the UK and Asia. A report by Bleeping Computer shows that the Trojan steals online banking credentials to conduct fraudulent transactions.

Since last year, the Baking Trojan has made 150,000 infections via Google Play using various decoy apps from the productivity software category.

A report by Zscaler shows that the baking trojan is currently using the “PDF Reader & File Manager” and “QR Reader & File Manager” apps on the official Android app store to attack users.

(For the top tech news of the day, sign up for our Today’s Cache tech newsletter)

At the time of Zscaler’s analysis, both programs had accumulated around 70,000 installs, highlighting the risk posed by malicious apps that managed to slip through Google’s verification process.

Additionally, over the past few months, malicious apps impersonating tools, personalization apps, photography tools, productivity and fitness apps have been used to trick users into downloading malicious code, according to a report by Zscaler.

Users are advised to check the applications and their required permissions before installing them on their devices. Users are also advised to read app reviews to ensure they are legitimate, especially when downloading productivity apps as they may be infected with malware.