Have you noticed that there have been far fewer reports about malicious apps wreaking havoc on Android devices in the last couple of months than usual? Unfortunately, that still doesn’t mean Google’s Play Store is free of all security threats, as a widespread new issue originating where we all install our apps from is today coming to light.>>>CONTINUE FULL READING HERE....CONTINUE READING THE ARTICLE FROM THE SOURCE
Dubbed Proxylib, the malware-spreading operation monitored and documented by Human’s Satori Threat Intelligence researchers over a period of more than nine months in 2023 and early 2024 may have impacted millions of Android users around the world, turning their phones into so-called proxy nodes to conceal various fraudulent online activities.
Let us put your biggest concern at ease by stressing that you can’t be prosecuted or accused of anything illegal that may have been done with the help of your phone after you installed one of the 28 apps infected with this new type of malware.
Unlike other malicious apps discovered in the past, there’s also no reason to believe your bank account, financial information of any sort, or even personal data is in jeopardy this time around. What the bad actors behind the large-scale Proxylib campaign probably managed to do was turn you into unknowing accomplices to a wide range of cybercrimes, which certainly sounds scary and shouldn’t be allowed to happen (especially for months in a row) by
Google.
To its credit, the search giant reacted to these hair-raising revelations in the only acceptable way we can think of, removing all the dangerous new apps from its Play Store while also disabling them on devices where they’re already installed. That is, if you have the Google Play Protect functionality enabled, which you absolutely should at all times.
Before listing all the apps you need to delete from your phone if you have Play Protect switched off or if for some reason the tool fails to do its job, it’s important to highlight that a few of these titles have actually returned to Google Play without any trace of malicious code in them. Does that make them safe to use? Theoretically, yes, but we can totally understand if you’ve developed trust issues and would rather install alternatives with a clean security record.
As you can easily notice, many of these apps have one key thing in common – free VPN (Virtual Private Network) service. That sounds like a very compelling proposition when some of the best premium VPNs out there are available for anywhere between $3 and $10 a month, so it’s definitely easy to understand how millions and millions of people were duped into joining the Proxylib shenanigans.
This was the first app of the malicious batch discovered back in June 2023, although it’s (theoretically) safe to use if you download it now.
These essentially routed traffic from one device through another to conduct advertising fraud and other malicious activities known as password spraying and credential stuffing attacks. Hackers used IP addresses without user approval or notification to hide the true origin of their attacks and make ad money with the help of bots and your very own phones.
That’s just the tip of the iceberg, though, and alas, we can’t really know exactly what cybercrimes your IPs were involved in, for how long, and how much online and personal harm they may have caused between June 2023 and February 2024 and even before the date at which the first Proxylib-carrying app was discovered.
What we do know is that you should probably pay a few bucks a month if you want a secure and reliable VPN app, and in general, it’s wise to stay away from shady free apps that seem too good to be true.>>>CONTINUE FULL READING HERE