Security firm Check Point Software Technologies has released a new report which reveals that malicious apps masquerading as legitimate apps for Android devices have infected more than one million Google accounts linked to tablets and smartphones. These apps exploit known flaws in the Android operating system to remotely control the device and install other apps without the user’s knowledge or consent.
The report points out that these apps normally have names that don’t right alarm bells, such as Perfect Cleaner, WiFi Enhancer, and StopWatch. People who are not careful about online security can often download such dubious apps and unknowingly open the door to their device.
These malicious apps then install more apps in the background some of which use the victim’s username and password to post fake reviews for apps. The cycle continues and more people get sucked in.
Googligan, the Trojan Horse software that’s hiding inside these malicious apps, is said to be infecting more than 13,000 Android devices every single day. Bear in mind though that Gooligan apps aren’t being distributed through the Google Play Store because the company won’t approve such apps.
They are actually being spread via third-party app stores of which there are many online. If you’re an Android user you must exercise extreme caution when downloading apps from unknown sources online as that’s one of the easiest ways to willingly compromise your device’s security.
Always stick to the Google Play Store, that’s your best bet for avoiding these malicious apps.