Sunday , December 1 2024

38 apps spread malware on Smartphone: McAfee

You know how we told you around two weeks ago about more than 60 Android apps with a collective total of over 100 million Google Play downloads that were found to push invasive ads without the user’s permission and gather a host of sensitive information… also without notifying you or asking for approval?

What is this issue all about?

Although it’s part of the same large and malicious adware family as the previously identified “Goldoson” virus, this “HiddenAds” campaign might seem a little less harmful at first glance, doing, well, exactly what the name suggests.
Specifically, around 35 million (!!!) Android users worldwide have apparently been served ads in the background of their mobile gaming sessions recently with the main purpose of generating unlawful revenue for various shady companies and individuals.
That sounds like something that won’t greatly impact your user experience or data privacy, but anyone who’s ever accidentally installed this type of malware before knows precisely how annoying it can be to notice your phone slow down, freeze, or crash out of nowhere without being able to identify the culprit.

If you’ve experienced something like that of late, it’s possible that your mobile device is infected with “HiddenAds”… or a similar malware, especially if you happen to occasionally share said device with a child between the ages of 5 and, say, 15.

Workshop on “DDoS use cases & solutions for government & BFSI” held at BCS

A workshop on "DDoS use cases & solutions for government & BFSI" held at Bangladesh computer society premises on Saturday...
Read More
Workshop on “DDoS use cases & solutions for government & BFSI” held at BCS

Uganda confirms hack of central bank accounts, Refutes $17 Million Claim

Uganda’s finance ministry confirmed media reports that hackers breached the central bank’s systems and stole money, but refuted the claims...
Read More
Uganda confirms hack of central bank accounts, Refutes $17 Million Claim

CVE-2024-11667
Hackers actively exploiting Zyxel firewall to deploy Ransomware

CERT Germany and Zyxel have alerted about a serious vulnerability in Zyxel firewalls, identified as CVE-2024-11667. This flaw is being...
Read More
CVE-2024-11667  Hackers actively exploiting Zyxel firewall to deploy Ransomware

Daily Security Update Dated: 29.11.2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
Daily Security Update  Dated: 29.11.2024

CIRT-in flags Critical Flaw in Oracle Agile PLM Framework

CERT-In has flagged a security vulnerability in Oracle’s Agile Product Lifecycle Management (PLM) software, identified as CVE-2024-21287 and cataloged as...
Read More
CIRT-in flags Critical Flaw in Oracle Agile PLM Framework

Microsoft patches four vulnerabilities in its services

On November 26th, Microsoft patched four vulnerabilities detected in Dynamics 365 Sales, the Partner.Microsoft.Com portal, Microsoft Copilot Studio and Azure...
Read More
Microsoft patches four vulnerabilities in its services

Data broker exposes 600K+ passwordless sensitive files online

SL Data Services/Propertyrec, an information research provider exposes a non-password-protected database containing more than 600K records according to the security...
Read More
Data broker exposes 600K+ passwordless sensitive files online

Cloudflare logs faces major failure, losing 55% of user data

Cloudflare suffered an incident roughly 3.5 hours On November 14, 2024 impacting the majority of customers using Cloudflare Logs. Cloudflare...
Read More
Cloudflare logs faces major failure, losing 55% of user data

VMware Patched critical flaw in Aria Operations

VMware revealed several critical vulnerabilities in its Aria Operations product, with the most severe allowing attackers to gain root user...
Read More
VMware Patched critical flaw in Aria Operations

HDFC Life hit by data breach, begins investigation

On Monday, Indian HDFC life insurance said, They got some instances of data leaks. "We have received communication from an...
Read More
HDFC Life hit by data breach, begins investigation
That’s because every single malicious app found to be part of this specific adware group emulates or, let’s be honest, downright rips off Mojang’s hugely popular Minecraft game. We’re talking incredibly similar titles mixing up the words “block”, “diamond”, “craft”, “sword”, “monster”, “forrest”, “builder”, and “rainbow” in slightly different ways to draw the attention of the most vulnerable mobile users of all.

These are all the apps you need to delete ASAP

  • Block Box Master Diamond
  • Craft Sword Mini Fun
  • Block Box Skyland Sword
  • Craft Monster Crazy Sword
  • Block Pro Forrest Diamond
  • Block Game Skyland Forrest
  • Block Rainbow Sword Dragon
  • Craft Rainbow Mini Builder
  • Block Forrest Tree Crazy
  • Craft Clever Monster Castle
  • Block Monster Diamond Dragon
  • Craft World Fun Robo
  • Block Pixelart Tree Pro
  • Craft Mini Lucky Fun
  • Block Earth Skyland World
  • Block Rainbow Monster Castle
  • Block Fun Rainbow Builder
  • Craft Dragon Diamond Robo
  • Block World Tree Monster
  • Block Diamond Boy Pro
  • Block Lucky Master Earth
  • Craft Forrest Mini Fun
  • Craft Sword City Pro
  • Block Loki Monster Builder
  • Block Boy Earth Mini
  • Block Crazy Builder City
  • Craft Sword Vip Pixelart
  • Block City Fun Diamond
  • Craft City Loki Rainbow
  • Craft Boy Clever Sun
  • Block City Dragon Sun
  • Craft Loki Forrest Monster
  • Lokicraft: Forrest Survival 3D
  • Craft Castle Sun Rain
  • Craft Game Earth World
  • Craft Lucky Castle Builder
  • Craftsman: Building City 2022
  • Craft Rainbow Pro Rain
If you’re thinking of discarding this threat as minor and unimportant… don’t. That’s because the malicious Android games listed above are ordered by popularity, starting with a title that was downloaded more than 10 million titles and three more with 5 million+ Google Play installs under their belt (each).
So, yeah, if you’re not extremely careful about every single thing you or your kid downloads from the official Play Store every single day, odds are your phone might need a little spring cleaning. And quickly! That’s especially true if you live in the US, Canada, South Korea, or Brazil, which were apparently the main countries targeted by this malware-spreading campaign.
For its part, Google seems to have fulfilled its secondary task of cleaning up the Play Store of these apps after failing the primary goal of keeping such threats away to begin with. But that doesn’t mean anything if you don’t also locate these apps and delete them from your devices before they can spread their tentacles and start performing other shady background activities besides pushing ads for dirty money.

Check Also

flowchart

Cloudflare logs faces major failure, losing 55% of user data

Cloudflare suffered an incident roughly 3.5 hours On November 14, 2024 impacting the majority of …

Leave a Reply

Your email address will not be published. Required fields are marked *