Delete Immediately — Hackers are using these Android apps on the Play store to stage attacks

Reportgist
8 Min Read
- Advertisement -

Google Play Store which were being used by hackers to turn the smartphones they were installed on into proxies.>>>CONTINUE FULL READING HERE....CONTINUE READING THE ARTICLE FROM THE SOURCE

As reported by BleepingComputer, HUMAN’s Satori threat intelligence team discovered that these seemingly harmless apps were actually doing something shady in the background. Of the 28 apps listed in its report, 17 of them were posing as free VPN software.

While the best free VPN apps and services can help further protect your privacy online, you always need to be careful when installing one onto your devices. As the person who tests VPNs for our reviews on Tom’s Guide, I highly recommend you invest in one of the best VPN services instead as these paid solutions are much more reputable and many of them have their apps and services audited by third-parties to ensure they don’t contain any vulnerabilities or malicious code.

Although having your phone turned into a proxy isn’t nearly as bad as having it infected with Android malware, it’s still cause for concern. Residential proxies do have legitimate uses like for market research and search engine optimization but in the wrong hands such as in this case, they can be used for all manner of malicious activities from ad fraud to phishing and even credential stuffing .

- Advertisement -

Here’s everything you need to know about these good apps gone bad along with some tips on how to stay safe from malicious apps.

READ:  See How technology is shaping the future of the media

Some of the apps listed below no longer contain the malicious code that was used to turn Android smartphones running them into proxies. For those worried that hackers could be using their devices for cybercrime though, it’s recommended that you manually delete these apps if you have any of them installed on your smartphone.

- Advertisement -

The one thing that all 28 of these apps have in common is that they were using a software development kit (SDK) from LumiApps. The company also runs an Android app monetization platform which uses a device’s IP address to load webpages in the background and send any data it retrieves to companies.

Upgrade your life with a daily dose of the biggest tech news, lifestyle hacks and our curated analysis. Be the first to know about cutting-edge gadgets and the hottest deals.

Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

Normally, this is from well-known sites and is “done in a way that never interrupts the user and fully complies with GDPR/CCPA” according to LumiApps’ website. All of this is done with the end goal of helping companies “improve their databases, offering better products, services and pricing.”

On paper, this seems harmless albeit a little intrusive but you get what you pay for when you download free apps instead of paid ones. What LumiaApps likely didn’t expect is that hackers would figure out how to use its app monetization platform for their own gain.

READ:  Check DStv Introduces ‘No Dish No Decoder’ Service

After conducting an investigation into these 28 apps, HUMAN’s security researchers discovered that they all contained a Golang library used to perform proxying called “Proxylib”. The first app the firm found that contained Proxylib was a
free Android VPN app

called Oko VPN. The security researchers later found that this same library was used by LumiApps’ Android app monetization service.

Based on the findings of its investigation, HUMAN believes these malicious apps are linked to a Russian residential proxy service provider called Asocks. It’s worth noting that Asocks’ service is often advertised on
hacking forums

online.

At the beginning of this year, LumiApps released a new version of its SDK which included Proxylib v2. Apparently, this was done to address “integration issues” but it’s unclear as to whether or not it can also be exploited by hackers in their attacks.

Google has since removed any of the remaining apps as well as any new ones using the LumiApps SDK from the Play Store. Likewise, some of the developers who were using the SDK have removed it too to fix their apps, though some have republished the same apps using different developer accounts.

When it comes to protecting yourself and your devices from malicious apps, the first thing you want to do is to
avoid installing unnecessary apps

on your Android smartphone. Ask yourself if you really need the app in question and from there, you want to check its rating and reviews before you install it. Keep in mind though that reviews and ratings can be faked which is why I always suggest looking at video reviews so that you can see the app in question in action.

READ:  Safety of Your Account; Once You Notice This In Any ATM Machine, Please Don't Insert Your ATM Card

On the security front, you want to make sure that Google Play Protect is enabled as it scans both your existing apps and any new ones you download for malware and other threats. For additional protection though, you should consider installing one of the best Android antivirus apps,too.

As for free VPN apps and free VPNs in general, I really can’t recommend them. Most VPN services are quite inexpensive for what they provide and if you shop smart, you can often get a great deal on ExpressVPN, NordVPN ,
Surfshark

or other top providers. For instance, I purchased a two-year subscription to Surfshark at a steep discount on Black Friday a year and a half ago and it’s still going strong.

Hackers and other cybercriminals will continue to release malicious apps and to try and turn good apps bad by injecting malicious code into them. This is because there’s just so much personal and financial data on our smartphones these days. Due to this, it’s up to you to think carefully and do the appropriate research before installing any new app on your smartphone regardless of how popular it may be.>>>CONTINUE FULL READING HERE

- Advertisement -
Share This Article
error: Content is protected !!