New Android app trojan identified in more than 100 million downloads
Read in other languages:
Security researchers have found a nasty Trojan in a large number of apps from the Google Play Store. The virus not only ensures that your data is no longer safe, but you may also lose money. In the meantime, the research team is talking about damage that is likely to run into the hundreds of millions.
TL;DR
- Almost 500 Android apps are infected with a dangerous Trojan.
- The Trojan works like most viruses on smartphones and costs you cash every month.
- More than 100 million downloads have been recorded so far.
Do you have time for a scary horror story? Okay, it goes like this: The Google Play Store with over 2 million apps is the place to go for most Android owners. However, it happens again and again that some apps are infected with a virus. Even if you are sure that the app does not contain any viruses when you download it, this is not necessarily the case. The security team of Zimperium has now found another new Trojan in numerous apps and given it the nice name "Dark Herring".
- Reading tip for Samsung fans: Latest Galaxy S22 leaks surfaced!
Dark Herring is a virus that has appeared more often in the Google Play Store. The host apps looks serious enough at first glance and the requested permissions do not suggest a virus either. As a result, you download the app in your smartphone and a process is already underway that is not easy to stop.
In the process, your IP address is transmitted to a server and you are redirected to a website. This page is adapted to the language of the device and you have to enter your cell phone number for verification. Once you have done this, you will be charged around 15 dollars on your next phone bill. The Trojan simply signs you up for premium services.
- If you don't like to reveal your IP address: The NextPit VPN comparison
Immense damage and more than 70 countries affected
The problem is that the network providers usually do not show any mercy and you still have to pay the money. This caused damage that, according to estimates from Zimperium, is already in the hundreds of millions. There are 470 infected apps that have been distributed in over 70 countries. Germany, Austria and Switzerland are also affected. Moreover, these are apps that have been widely distributed. The cybercriminals have spread the portfolio so widely that apps from all categories can be found.
You can find out whether such an app is on your smartphone in a table. All infected apps have been listed on Github.com. It is best to delete them from your smartphone as soon as possible. The Play Store has also reacted in the meantime and removed all the apps in question from the store, but this does not protect you if you have such an app on your smartphone. I hope the scary story wasn't too scary - but beware of the Dark Herring!
Infected apps with more than a million installs
App name | Package name |
---|---|
Airplay Pro | com.provideos.airplaypro |
Cast It | com.casstis.casiits |
City Bus Simulator 2 | com.bussdriv.citydrivebusimu |
Connectool | com.combineapparatus.connectool |
Connector Box Pro | com.proconnector.boxconnector |
Crash King | com.crashingking.kingcrashgame |
Drive Simulator | com.dsim.driversimulator |
Driving Day | com.day.drivingday |
Evo Driving Rover Club Pro | com.roverproed.evoprodrivingrover |
Football HERO 2021 | com.starbestfootball.footballhero |
Football Legends | com.foootbal.legendsfutballl |
GameX Lab | com.ggamml.labbgam |
Grand Mafia Auto | com.grandmafiauto.gma |
My Translator Pro | com.mytraslt.translpro |
New Mobile Games | com.nmg.newmgames |
Offroad Jeep Simulator | com.gmofftrack.offroadjeepgm |
Photograph Labs Pro | com.exposure.photolabpro |
Pictasia | com.picmkedit.pictasia |
Project X | com.px.projxapp |
Racing City | com.townrally.racingcity |
Smashex | com.mixcrashing.smashex |
Smashex Pro | com.pro.smashexpro |
Speedy Cars - Final Lap | com.speedlap.finalcarslap |
Stream HD | com.highstream.appstreamhd |
StreamCast Pro | com.strmcas.strmmpro |
Translatley Pro | com.trasslat.prootrast |
Ultra Stream | com.ulttistrm.strmultr |
Upgradem | com.upgrrdm.gradmup |
Video Projector | com.videoenterprise.videoprojector |
VideoProj Lab | com.vdoprolab.projjectlab |
Vidly Vibe | com.vibe.vidlyvibe |
VStudio Pro | com.proveditstation.vstudiopro |
WallpArt Pro | com.wartpro.wallproart |
What do you think about the virus? Have you ever had a Trojan like Dark Herring or the Joker on your smartphone? Let us know in the comments!
Source: Zimperium, Computerbild