Android, as we all know is currently the most popular mobile operating system in the world with over 2.5 Billion active devices. While this is good news as more users mean more device models, quicker updates, more apps, and developer support and so on, this sheer popularity of the OS itself makes it a popular target among hackers and cybercriminals.
This is mainly because once they develop a single Malware they could potentially use it to target and attack millions and even billions of Android devices at once.
Even though Google has taken a lot of steps towards improving the security of Android devices with features such as Google Play Protect, instant security updates via the Google Play Store, more controls towards app permissions and such, somehow these Android apps and games filled with Malware find their way to the Google Play Store and ultimately into the Android smartphone of potentially millions of users.
This post will be covering some of the most dangerous Android Malware that was discovered this year in 2019, what kind of apps they affected, the impact they had on your smartphones, and how they work.
Top 4 Dangerous Android Malware discovered in 2019
A Trojan is a type of malware that disguises itself as a genuine and legitimate software or an application and tricks the user into downloading it so that it can execute malicious actions in the background without the knowledge of the user.
This Android Clicker Trojan, which was discovered earlier this August comes in two variants namely Android.Click.312.origin and Android.Click.313.origin and has already been suspected to have affected over 100 Million Android devices.
The Malware was found to be embedded in normal and legitimate-looking popular Android apps like Dictionary apps, music players and photo editors but will affect the device of the user once they install these apps on their devices.
The Android Clicker Trojan works by randomly clicking through advertisements on the internet to generate revenue for its developers. The Malware is designed to only start working 8 hours after it has affected your device thus reducing the chances of getting detected and suspecting that a background process is running on your device and performing all these malicious activities.
Once in action, the Malware will send details about your device including the model number, your location and carrier details to the Command and control server of the developer and this will enable the developers to perform malicious actions such as clicking on advertisements and even subscribing to expensive online services without the knowledge and the consent of the victim.
This not only affects the users but also the people behind the ads as they would be paying for ghost clicks generated by malware instead of an actual user. With over 100 million devices affected and about 34 apps from the Google Play Store infected with this Malware, it is probably one of the most dangerous Android Malware discovered this year.
The Agent Smith Android Malware has affected over 25 Million Android smartphones and it is quite difficult to detect the presence of this Malware on your Android device even after you are affected.
This is because once the Malware infects your Android device it will automatically replace a genuine app installed on your phone to a version that serves malicious advertisements thus tricking the users into clicking on these ads.
According to researchers, the malware replaces popular apps like Whatsapp or Opera browser and even some of the manufacturer apps like Samsung or Google apps and then it hides in your phone by removing the app icon from the home screen and app drawer.
From here, the app does all the work in the background making it difficult to identify which app is responsible for all these malicious activities.
One good thing about this Android Malware is that it has not yet affected the Google Play Store and is currently spreading through the 9apps.com App store and is only targeting the developing markets.
However, researchers reveal that they have found pieces of code belonging to the Agent Smith Android Malware in some apps on the Google Play Store, however, they were dormant at that time and Google has immediately removed these apps from the Play Store.
CamScanner is one of the most popular Android apps with over 100 Million downloads in the Google Play Store and has a pretty good rating as well.
The app is used for scanning the photos and images of documents to be able to digitally store and edit them on your mobile device and while the app was seemingly genuine and useful all these years, this June, security researchers at Kaspersky has discovered a Malware in the app which evidently showed intrusive and malicious ads to its users and even attempted to subscribe them to expensive paid services online.
The app was infected by this Malware when CamScanner started using a third party advertising module which contained a Trojan dropper in its code.
This incident clearly shows that not even apps that have a good reputation and millions of downloads can be trusted blindly and necessary steps should be taken to ensure that all the apps are completely safe and free from Malware every time you download or update them on your device.
The Joker Android Malware discovered just a couple of weeks back reportedly has affected over 24 Android apps which have a combined download count of about half a million.
This Malware signs up the users of the affected devices to paid subscription services by stealing their device details and even their SMS messages to get the OTP or confirmation messages from the bank or subscription services.
Most of the apps infected by this Joker Android Malware were wallpaper or customization apps and there was even an Antivirus app that was affected by this Malware. Upon analysis of the Malware code, researchers have reported that some of the code was written in Chinese which gives them a hint about the developers behind this Malware.
The Malware seems to mainly target the users in the European and Asian regions. While Google has already removed the affected apps from the Play Store, it is advisable to uninstall them from your device in case you have downloaded and installed any of them. Below is the list of the apps that were affected by the Joker Android Malware.
- Advocate Wallpaper
- Age Face
- Altar Message
- Antivirus Security — Security Scan
- Beach Camera
- Board picture editing
- Certain Wallpaper
- Climate SMS
- Collate Face Scanner
- Cute Camera
- Dazzle Wallpaper
- Declare Message
- Display Camera
- Great VPN
- Humour Camera
- Ignite Clean
- Leaf Face Scanner
- Mini Camera
- Print Plant scan
- Rapid Face Scanner
- Reward Clean
- Ruddy SMS
- Soby Camera
- Spark Wallpaper