Tuesday , July 14 2026

38 apps spread malware on Smartphone: McAfee

You know how we told you around two weeks ago about more than 60 Android apps with a collective total of over 100 million Google Play downloads that were found to push invasive ads without the user’s permission and gather a host of sensitive information… also without notifying you or asking for approval?

What is this issue all about?

Although it’s part of the same large and malicious adware family as the previously identified “Goldoson” virus, this “HiddenAds” campaign might seem a little less harmful at first glance, doing, well, exactly what the name suggests.
Specifically, around 35 million (!!!) Android users worldwide have apparently been served ads in the background of their mobile gaming sessions recently with the main purpose of generating unlawful revenue for various shady companies and individuals.
That sounds like something that won’t greatly impact your user experience or data privacy, but anyone who’s ever accidentally installed this type of malware before knows precisely how annoying it can be to notice your phone slow down, freeze, or crash out of nowhere without being able to identify the culprit.

If you’ve experienced something like that of late, it’s possible that your mobile device is infected with “HiddenAds”… or a similar malware, especially if you happen to occasionally share said device with a child between the ages of 5 and, say, 15.

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection
That’s because every single malicious app found to be part of this specific adware group emulates or, let’s be honest, downright rips off Mojang’s hugely popular Minecraft game. We’re talking incredibly similar titles mixing up the words “block”, “diamond”, “craft”, “sword”, “monster”, “forrest”, “builder”, and “rainbow” in slightly different ways to draw the attention of the most vulnerable mobile users of all.

These are all the apps you need to delete ASAP

  • Block Box Master Diamond
  • Craft Sword Mini Fun
  • Block Box Skyland Sword
  • Craft Monster Crazy Sword
  • Block Pro Forrest Diamond
  • Block Game Skyland Forrest
  • Block Rainbow Sword Dragon
  • Craft Rainbow Mini Builder
  • Block Forrest Tree Crazy
  • Craft Clever Monster Castle
  • Block Monster Diamond Dragon
  • Craft World Fun Robo
  • Block Pixelart Tree Pro
  • Craft Mini Lucky Fun
  • Block Earth Skyland World
  • Block Rainbow Monster Castle
  • Block Fun Rainbow Builder
  • Craft Dragon Diamond Robo
  • Block World Tree Monster
  • Block Diamond Boy Pro
  • Block Lucky Master Earth
  • Craft Forrest Mini Fun
  • Craft Sword City Pro
  • Block Loki Monster Builder
  • Block Boy Earth Mini
  • Block Crazy Builder City
  • Craft Sword Vip Pixelart
  • Block City Fun Diamond
  • Craft City Loki Rainbow
  • Craft Boy Clever Sun
  • Block City Dragon Sun
  • Craft Loki Forrest Monster
  • Lokicraft: Forrest Survival 3D
  • Craft Castle Sun Rain
  • Craft Game Earth World
  • Craft Lucky Castle Builder
  • Craftsman: Building City 2022
  • Craft Rainbow Pro Rain
If you’re thinking of discarding this threat as minor and unimportant… don’t. That’s because the malicious Android games listed above are ordered by popularity, starting with a title that was downloaded more than 10 million titles and three more with 5 million+ Google Play installs under their belt (each).
So, yeah, if you’re not extremely careful about every single thing you or your kid downloads from the official Play Store every single day, odds are your phone might need a little spring cleaning. And quickly! That’s especially true if you live in the US, Canada, South Korea, or Brazil, which were apparently the main countries targeted by this malware-spreading campaign.
For its part, Google seems to have fulfilled its secondary task of cleaning up the Play Store of these apps after failing the primary goal of keeping such threats away to begin with. But that doesn’t mean anything if you don’t also locate these apps and delete them from your devices before they can spread their tentacles and start performing other shady background activities besides pushing ads for dirty money.

Check Also

CLI

Azure CLI Password Spray Impacts 78 Microsoft Accounts in 81M+ Attempts

Cybersecurity researchers have warned of a “massive, ongoing, automated password spray attack” aimed at Microsoft’s …