Fake Apps Spreading Phishing Pages Spotted in Google Play Store

Dr. Web researchers spotted a bunch of fake apps on the Google Play Store that promise to offer rewards for being fit and ask users to watch ads for withdrawing their earned balance.

As they never pay but force users to watch ads all the time, there’s another set of apps spreading phishing pages to steal sensitive data of users, with over 450,000 downloads on the Google Play Store. Here are they;

Fake Reward Apps on Google Play Store

Researchers at Dr. Web discovered a set of malicious apps on the Google Play Store – that pretend to be activity trackers and reward users for being fit in their lifestyle. Well, they’ll be asked to watch innumerable ads in case they want to withdraw the earned balance after a certain threshold.

Researchers said the rewards are impossible to cash out, as it’s just the trick of apps to make users watch more ads. Here are the three major apps of such, which amassed over 20 million downloads combined and are still available on the Google Play Store at the time of writing this;

  • Lucky Step – Walking Tracker – 10 million downloads
  • WalkingJoy – 5 million downloads
  • Lucky Habit – health tracker – 5 million downloads

All these apps connect to the same remote server address, hinting at a single developer/operator of this malicious campaign. Further, the researchers noted a set of other Android apps disguised as investment services and games that are spreading phishing pages to steal the information of users!

  • Golden Hunt – 100,000 downloads
  • Reflector – 100,000 downloads
  • Seven Golden Wolf blackjack – 100,000 downloads (still on Google Play)
  • Unlimited Score – 50,000 downloads
  • Big Decisions – 50,000 downloads
  • Jewel Sea – 10,000 downloads
  • Lux Fruits Game – 10,000 downloads
  • Lucky Clover – 10,000 downloads
  • King Blitz – 5,000 downloads
  • Lucky Hammer – 1,000 downloads

All the above apps connect to a remote server upon launch and receive commands to perform various tasks – typically to push phishing pages for users to fill in. It’s recommended to uninstall any of the above apps if you have one and scan your device with Google Play Protect.

Other Trending News:-  News


Please enter your comment!
Please enter your name here