Latest news with #mobilethreats
Yahoo
5 days ago
- Yahoo
More than 250 malicious apps are spreading info-stealing malware on Android and iOS — delete these right now
When you buy through links on our articles, Future and its syndication partners may earn a commission. You can never be too careful when downloading a new app to your iPhone or Android phone as what may look harmless on the surface could actually be a malicious app designed to infect your device with malware. Case in point, the mobile security firm Zimperium has discovered a new malware campaign which targets users of the best iPhones and best Android phones with over 250 malicious apps spread via 80+ malicious domains. What sets this particular campaign apart is that in addition to posing as utility apps, many of the malicious apps used in it also posed as dating apps along with file sharing ones and car service platforms. Once installed on a vulnerable smartphone, the apps were then used to download a dangerous info-stealing malware capable of stealing all sorts of sensitive personal data including a victim's contacts and even their photos. The hackers behind this campaign then took things a step further, threatening to extort victims by leaking their private info and photos to their contacts or online if their demands weren't met. Here's everything you need to know about this new malware campaign along with some tips and tricks to help you stay safe from malicious apps and the dangers they pose to both your data and your devices. Delete these apps right now Before we go into the campaign itself and how it worked, you should first check your phone to make sure that you haven't installed any of the apps below. If you have, you're going to want to manually delete them from your devices: Pilatess Mfile Zcloud Haikiss WhaleS KingCloud Acloud Cloud-k AceCloud Lovelush LOVESS Slovehome Erotic-s BKing I've highlighted just a few of them above but you can see the full list here (Google Sheet). If you take a closer look at the names of these malicious apps, you'll notice that many of them are in Korean which makes sense given that this campaign mainly targeted users in South Korea. Given that anyone could have shared a link to one of the malicious domains hosting these fake apps, iPhone and Android users worldwide could be impacted. Either way, it's always a good idea to take a closer look at all of the apps you have installed and to delete any you don't recognize or haven't used in a while. From phishing sites to fake apps In a blog post detailing the inner workings of this new campaign dubbed SarangTrap, Zimperium's security researchers explain that potential victims are first tricked into visiting carefully crafted phishing sites. These are designed to impersonate popular brands and app stores which not only adds legitimacy to the campaign but may also entice users to download these bad apps. Once installed, these fake apps lure users in with slick user interfaces while requesting access to loads of unnecessary permissions with the caveat that they won't work without them. To make these apps seem more exclusive, especially the ones posing as dating apps, users are also prompted to enter a valid invitation code. After being entered, this invitation code is sent to a hacker-controlled server for validation after which, these malicious apps then request access to the sensitive permissions they'll use to infect a device with malware and steal personal info from it. Besides acting as a lure, this process allows the malware to remain undetected by the best antivirus software and other security solutions designed to stop malicious activity from bad apps. With the necessary permissions in hand, these fake apps reveal their true nature. While they look slick and polished at first, they contain no dating features or other functionality at all. Instead, they're just a facade used by the hackers behind this campaign to gain a foothold on vulnerable devices from which they can then steal all sorts of valuable sensitive data. When it comes to the types of data the malware spread by these fake apps is able to steal, it can download a victim's phone number and device identifiers along with all their photos and text messages. With all this info, the hackers behind this campaign can easily extort victims, though they could also bundle it altogether and sell this data to other cybercriminals to use in their own attacks. Surprisingly, in addition to malicious Android apps, this campaign also uses a deceptive mobile configuration profile to go after iPhone users. By installing this profile on an iPhone, the hackers are able to steal much of the same sensitive data on iOS including a victim's contacts and photos. How to stay safe from malicious apps Just like with new software on your computer, you always need to be careful when installing new apps on your phone, especially as we now have so much personal and even financial info on our mobile devices. For starters, you want to avoid sideloading apps or installing apps from unknown sources or websites. If you're taken to a site trying to get you to install an app instead of to an official app store like the Google Play Store or Apple's App Store, this is a major red flag and a great indication that you should avoid this particular app altogether. When you install a new app on your devices, you want to pay close attention to the types of permissions it requests the first time that you open it. While it makes sense for a messaging app to request access to your text messages, it definitely doesn't when a dating app does so. If any permissions seem odd or unnecessary, this is another red flag that something could be off with a particular app. Besides being extra careful when installing new apps, I highly recommend that you limit the number of apps on your phone overall. Having a lot of apps installed makes it difficult to find malicious ones and even good apps can go bad when injected with malicious code. The fewer apps you have, the less likely it is that one of them will be malicious or turn malicious later. If you're using an Android phone, you want to make sure that Google Play Protect is enabled as this pre-installed security solution scans all of the new apps you download as well as all of your existing apps for malware. For extra protection though, you may also want to consider running one of the best Android antivirus apps alongside it. While there isn't an iPhone equivalent of these apps due to Apple's own restrictions, the best Mac antivirus software from Intego can scan your iPhone or iPad for malware when plugged into your Mac via a USB cable. Given that downloading and installing a malicious app even accidentally can have very serious consequences, you may also want to invest in one of the best identity theft protection services. They can help you get your identity back after having it stolen as well as compensate you for any funds lost to fraud or a cyberattack. Malicious apps are the easiest way for hackers to establish a foothold on your devices and gain leverage over you and your data which is why they aren't going anywhere anytime soon. This is why it's up to you to be proactive as well as careful when it comes to which apps you download and where you download them from. Follow Tom's Guide on Google News to get our up-to-date news, how-tos, and reviews in your feeds. Make sure to click the Follow button. More from Tom's Guide Your Ring cameras weren't hacked over the weekend — here's what actually happened 12 signs your phone has been hacked — and what to do next This Android malware poses as real apps to take you to dangerous sites and flood your phone with spam
Zawya
27-05-2025
- Business
- Zawya
Inside the Middle East, Turkiye, and Africa (META) mobile threat landscape: Middle East attacks rise, Africa and Turkiye remain targeted
At the 10th annual Cyber Security Weekend – META 2025 conference held recently, Kaspersky ( Global Research and Analysis Team experts shared their insights on the latest trends in the mobile threat landscape across the Middle East, Turkiye, and Africa (META) region. While the overall attack rate in the region remained relatively stable in the first quarter of 2025 compared to the previous quarter, the Middle East experienced a significant surge, with attacks increasing by 43%, reaching over 57,000 attacks. In contrast, both Africa and Turkiye showed a positive trend, with a decline in mobile attacks. Africa saw a 17% decrease, with 94,270 recorded attacks, while Turkiye experienced a 16% reduction, totaling 28,592 attacks. 'The decline in the number of mobile attacks in some parts of the META region is certainly a positive sign and may indicate that awareness and protective measures are starting to pay off,' said Tatyana Shishkova, Lead Security Researcher at Kaspersky. 'However, the threat is far from gone. Cybercriminals are becoming more skilled and selective, increasingly leveraging sophisticated AI-powered and targeted attacks.' All of these recorded threats were successfully blocked by Kaspersky's mobile security solutions, with data from Kaspersky protection systems running on Android devices. The company's experts highlight that the latest trends point to a cascade-style infection strategy, where attackers find multiple ways to sneak onto victims' devices. As more services shift to mobile platforms - and as people increasingly rely on smartphones for nearly every aspect of their lives - mobile devices have become highly attractive targets for cybercriminals. Many of these threats are distributed via social media platforms or unofficial app stores, as seen in the Tria Trojan campaign, which spread through fake wedding invitations shared over WhatsApp and Telegram. Victims were tricked into downloading and installing a malicious APK file disguised as a legitimate app. However, even big official platforms are not immune. A recent discovery revealed SparkCat, a sophisticated data-stealing Trojan leveraging artificial intelligence. Distributed through both the App Store and Google Play, SparkCat was downloaded more than 242,000 times. It used machine learning to scan for cryptocurrency and sensitive data in nine different languages. Alarmingly, even brand-new phones can be compromised before they reach their owners, arriving with pre-installed malware. Counterfeit versions of popular smartphone models, often sold at discounted prices, have been discovered to come preloaded with a modified variant of the Android malware known as Triada. 'Even the most vigilant individuals can miss a well-crafted threat. That's why cybersecurity must be proactive—not reactive. Staying ahead of cybercriminals takes innovation from tech companies, expertise from security professionals, and awareness from users. It's a shared responsibility,' adds Tatyana Shishkova. To protect yourself from mobile threats, Kaspersky recommends: Download apps only from official stores like Apple AppStore, Google Play or Amazon Appstore. Apps from these markets are not 100% failsafe, but at least they get checked by the moderators and there is some filtration system — not every app can get onto these stores. It's worth looking through user reviews of an app to see if there is any negative feedback on its functionality. Check the permissions of apps that you use and think carefully before permitting an app, especially when it comes to high-risk permissions such as Accessibility Services. A reliable mobile security solution like Kaspersky Premium ( can help you to detect malicious apps and adware before they start behaving badly on your device. Update your operating system and important apps as updates become available. Many safety issues can be solved by installing updated versions of software. Kaspersky calls on the mobile industry to enhance cyber protection at all levels, including security for users, by providing tailored cybersecurity services. Kaspersky Consumer Business Alliances enable companies to offer their customers complete cybersecurity portfolios by backing them with Kaspersky's global support and expertise. Distributed by APO Group on behalf of Kaspersky. For further information please contact: Nicole Allman nicole@ Social Media: Facebook: X: YouTube: Instagram: Blog: About Kaspersky: Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company's comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and over 200,000 corporate clients protect what matters most to them. Learn more at
