To widespread their malicious programs quickly, cybercriminals always look for a medium with a vast user base. Currently, there is no better medium with a huge user base than Android.
Over the last decade, Android has become a soft target for cyber attackers to carry out illicit activities. It is because Android is an open-source program, making it highly customizable, unlike iOS. It is easy for cybercriminals to infiltrate an Android device using malicious apps. The malware programs like Trojans, Adware, Spyware, Keyloggers, and more
To protect your Android devices from malware attacks, first, it is essential to know what are the latest types of malware that are creating havoc.
In this post, we will provide you with the latest Android virus list so that you can inform yourself and stay protected from them.
Latest Android Virus List
Cybercriminals download ordinary apps from Google Play, add malicious code to them, and then submit the modified versions to Google Play with a new name. The functionality indicated in the description of the apps may still be present, thus users may not even be aware that a vulnerability exists.
Here are the latest malware types and respective apps that are infiltrating Android devices and corrupting them.
CherryBIOS and FakeTrade
According to an article by Trend Micro, two new related Android malware families, CherryBlos and FakeTrade, have been discovered. These malware families are involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users.
The first campaign leveraged popular social networking platforms to promote fraudulent services, with the advertisements pointing to phishing websites that trick users into downloading and installing malicious Android apps. The downloaded malware CherryBlos can steal cryptocurrency wallet-related credentials and replace victims’ addresses while they make withdrawals.
Meanwhile, another campaign that employed several fraudulent money-earning apps involved the FakeTrade malware. These apps claim to be e-commerce platforms that promise increased income for users via referrals and top-ups. However, users will be unable to withdraw their funds when they attempt to do so.
This is not a malware but a penetrate malware bypassing detection tools. According to a blog post by Zimperium, a cybersecurity company, threat actors are using Android Package (APK) files with unknown or unsupported compression methods to elude malware analysis. Zimperium found 3,300 apps leveraging such compression algorithms in the wild. Most of these samples are corrupted beyond the point that the OS is able to load them. However, their team identified 71 malicious samples that the Android OS is able to load properly.
Joker is a spyware that gathers contact lists, SMS messages, and details about affected devices. Joker also has the capacity to register the device for premium services without the owner’s consent, monetising the malware infection.
Harly obtains data about the user’s device, especially data about the mobile network, in an improper manner. The entire payload is contained within the app by the Harly family of Trojans, which employ various techniques to decode and launch it.
FakeDolphin is a malicious program that gives Dolphin browser as the alternative to your default browser, most commonly Google Chrome. The Dolphin browser is a fake browser containing a Trojan that automatically sign-up users up for its services without their permission. Generally, users are forced to download the Dolphin browser by unintentional redirection.
GinMaster, also known as the GingerMaster, was first detected in 2011. Today it comprises 6% of the total malware attacks on Android. After entering the device, the GinMaster installs its root shell deep into the device partition to remain undetected. In the last decade, cybercriminals have created so many varieties of the GinMaster and used it for various malicious purposes like stealing sensitive information, remotely controlling the device, spying, and more. The reason GinMaster is spreading rapidly is that it attaches itself to legitimate applications, and users unintentionally install it with them.
ExoBot is one of the most dangerous banking Android malware. Though it was particularly detected for Bank Austria, it has various other forms as well for other popular banks of the world. After the infiltration, the ExoBot would put a legit-looking icon of the banking app so that users click on it and enter their credentials. The ExoBot is widely used for banking credentials stealing, data theft, and other phishing.
Android Police Virus
Android Police Virus (APV) is a type of Ransomware. It can block the entire system and encrypt all the files and applications. The Android Police Virus is the newly designed Android version of the famous FBI virus.
FakeInst is one of the most widely spread Android malware. It is categorized under Trojan malware and is responsible for 22% of the total Android malicious attacks. FakeInst appears to be an installer program, but after the execution, the malware automatically sends premium-rate text messages.
BlackRock is another Android trojan-type malware that is accounted for stealing banking information from the applications like Gmail, Uber, Amazon, Netflix, and others. It has made more than 300 apps its victim and millions of users along with it.
OpFake is a family of viruses that attacks Opera Browser and acts as its downloader. The attacker behind the OpFake silently monitors the user activities and sends premium-rate SMS through the victim’s device. It is spread in various ways, like through intriguing pop-ups, fake opera updates, and more.
Basebridge is a spyware-type malware that infiltrates Android devices. It is known for spying on users, stealing sensitive data from the smartphone, and sending it remotely to the attackers behind it. Additionally, it can also block data consumption monitoring.
KungFu is a rootkit-type malware that generally gets entry into the device by embedding itself into an application. After infiltrating the system, it quickly gets the root access of the device to hide from the security programs. KungFu comes with backdoor functionality that allows the intruders to secretly install malicious apps or scripts on the system, use the web browser to navigate to different websites, and steal the data or information stored in the device storage.
Ghost Push virus
Ghost Push is an Android malware that explicitly targets the device running on or below Android Nougat (Android 7.0). It is a type of rootkit that, after infiltrating the system, can perform various functions on the phone without user permission. The Ghost Push lives up to its name. It does not vanish even after hard resetting the system. Only reflashing the firmware can remove it from the device.
List of known Android Malware Apps 2023
In the previous section, we got to know about the top 10 Android malware types. Now we will list out the top dangerous Android applications that carry or promotes that malware.
Here is the list of the top 25 known Android Malware Apps of 2023:
|Harly Trojan||Fare Gamehub and Box|
|Hope Camera-Picture Record|
|Same Launcher and Live Wallpaper|
|Cool Emoji Editor and Sticker|
|Joker Spyware||Simple Note Scanner – com.wuwan.pdfscan|
|Universal PDF Scanner – com.unpdf.scan.read.docscanuniver|
|Private Messenger – com.recollect.linkus|
|Premium SMS – com.premium.put.trustsms|
|Blood Pressure Checker – com.bloodpressurechecker.tangjiang|
|Cool Keyboard – com.colate.gthemekeyboard|
|Autolycos Malware||Vlog Star Video Editor|
|Creative 3D Launcher|
|Wow Beauty Camera|
|Gif Emoji Keyboard|
|Instant Heart Rate Anytime|
|Fleckpe||Beauty Slimming Photo Editor|
|GIF Camera Editor Pro|
It is essential to know that most of these apps are also available on Google Play Store. Unfortunately, because of a library of millions of apps, it is pretty challenging for Google to keep the Play Store free of malicious apps.
If your phone carries one or multiple apps from the above list, it is advised to immediately get rid of them and scan your system with a robust antimalware program.
With the growing dependency on modern gadgets like smartphones, tablets, smart TVs, and more, the risk of cyberattacks is also expanding. It is essential to keep all your device protected from cyber attacks. For that, you require a robust security solution like Total AV. It is available for both Android and Windows devices.