Google’s Play Store may not be the wild west of malware that it once was, but it seems like we can’t go a week or two without hearing about some dangerous piece of malware that managed to sneak under Google’s radar. While Google has taken steps to make its Play Store a bit more secure and reliable, many malicious apps are becoming much more creative when it comes to avoiding detection as a result.
More recently, security researchers at Check Point Research discovered a new type of malware that lurked in 24 children’s games and 32 utility applications. Dubbed Tekya, the malware is essentially focused on committing mobile ad fraud and will generate fake clicks on a variety of seemingly genuine ads. And while the malware infecting 56 apps may not seem like much at first glance, keep in mind that the 56 apps involved have already been downloaded more than a million times to date. In particular, some of the malicious apps managed to gain traction simply by copying artwork from existing and already popular mobile apps.
“Tekya malware obfuscates native code to avoid detection by Google Play Protect and uses the” MotionEvent “mechanism on Android (introduced in 2019) to mimic user actions and generate clicks,” the report read.
“During this investigation,” adds the report, “the Tekya family of malware was not detected by VirusTotal and Google Play Protect.”
Malicious apps were finally detected and removed from Play Store. But again, that wasn’t until they were cumulatively downloaded more than a million times.
Here’s a list of 56 Android apps which the package malicious :
- caracal.raceinspace.astronaut
- com.caracal.cooking
- com.leo.letmego
- com.caculator.biscuitent
- com.pantanal.aquawar
- com.pantanal.dressup
- inferno.me.translator
- translate.travel.map
- travel.withu.translate
- allday.a24h.translate
- banz.stickman.runner.parkour
- best.translate.tool
- com.banzinc.littiefarm
- com.bestcalculate.multifunction
- com.folding.blocks.origami.mandala
- com.goldencat.hillracing
- com.hexa.puzzle.hexadom
- com.ichinyan.fashion
- com.maijor.cookingstar
- com.major.zombie
- com.mimochicho.fastdownloader
- com.nyanrev.carstiny
- com.pantanal.stickman.warrior
- com.pdfreader.biscuit
- com.splashio.mvm
- com.yeyey.translate
- leo.unblockcar.puzzle
- mcmc.delicious.recipes
- mcmc.delicious.recipes
- multi.translate.threeinone
- pro.infi.translator
- rapid.snap.translate
- smart.language.translate
- sundaclouded.best.translate
- biaz.jewel.block.puzzle2019
- biaz.magic.cuble.blast.puzzle
- biscuitent.imgdownloader
- biscuitent.instant.translate
- com.besttranslate.biscuit
- com.inunyan.breaktower
- com.leo.spaceship
- com.michimocho.video.downloader
- fortuneteller.tarotreading.horo
- ket.titan.block.flip
- mcmc.ebook.reader
- swift.jungle.translate
- com.leopardus.happycooking
- com.mcmccalculator.free
- com.tapsmore.challenge
- com.yummily.healthy.recipes
- com.hexamaster.anim
- com.twmedia.downloader
- com.caracal.burningman
- com.caracal.burningman
- com.cuvier.amazingkitchen
- bis.wego.translate