Google Play has distributed over 200 malicious apps with over 8 million downloads

Google Play has distributed more than 200 malicious apps to Android devices. | Photo credit: Special agreement

It was found that over 200 malicious apps were distributed on Google Play Store, the official store for Android apps, and the total number of downloads exceeded 8 million.

The most common threats distributed through these apps were information stealers capable of intercepting SMS messages and subscribing users to arbitrary services, adware, credit installers, and banking Trojans.

Most of the apps that contained the malware were published in the Tools, Personalization, Photography, Productivity and Lifestyle categories.

The malicious apps were distributed over a one-year period between June 2023 and April 2024 and were identified by threat intelligence researchers at Zscaler.

While malicious apps are prevalent around the world, India and the US have emerged as the target countries for mobile malware over the past year, according to Zscaler’s Mobile Threats department.

The report also shows a significant increase in spyware infections, with the education sector being the most affected.

And even though Google has a system in place to keep malicious apps out of its App Store, threat actors are constantly trying new tricks to bypass the review process.

Early last year, Google said that threat actors were using a new method called “versioning” to spread malware via application updates. The method involves using servers controlled by threat actors to distribute malware to users via updates to the app.