List of Android Viruses and How to Protect

To widespread their malicious programs quickly, cybercriminals always look for a medium with a vast user base. Currently, there is no better medium with a huge user base than Android. 

TotalAv Logo

Stay malware-free with reliable antivirus

Don't compromise your Data and Privacy. TotalAV is a top-notch antivirus program that handles various viruses, trojans, and other malware that may target your devices. It will safeguard your devices and enhance your system performance.


Editor's Choice

✔️ Excellent Malware Detection
✔️ Multiple set of Features
✔️ 30 Day Money-Back

Get TotalAV >

Over the last decade, Android has become a soft target for cyber attackers to carry out illicit activities. It is because Android is an open-source program, making it highly customizable, unlike iOS. It is easy for cybercriminals to infiltrate an Android device using malicious apps. The malware programs like Trojans, Adware, Spyware, Keyloggers, and more

To protect your Android devices from malware attacks, first, it is essential to know what are the latest types of malware that are creating havoc. 

In this post, we will provide you with the latest Android virus list so that you can inform yourself and stay protected from them.

  How to Remove Malware from Android

Latest Android Virus List

Cybercriminals download ordinary apps from Google Play, add malicious code to them, and then submit the modified versions to Google Play with a new name. The functionality indicated in the description of the apps may still be present, thus users may not even be aware that a vulnerability exists.

Here are the latest malware types and respective apps that are infiltrating Android devices and corrupting them.

Vultur: The Shape-Shifting Banking Malware

Vultur was first identified in 2021. Fast forward to 2024, and Vultur has evolved, morphing into an even larger threat as reported by the NCC group.

Once primarily a banking malware, Vultur has now gained new capabilities that give it greater control over your Android device. So, how does it find its way into your smartphone? The answer lies in social engineering. Cybercriminals are becoming savvier, masquerading Vultur as a seemingly harmless app – the trusted McAfee Security. 

Once it has gained access, your device becomes a playground for these cyber outlaws. They can manipulate your device, pilfer your credentials, and mainly target your banking apps. So, the next time you’re downloading an app, bear in mind that appearances can be deceiving—or in this case, McAfee.

  Can't Uninstall McAfee? Solution to Remove Completely

HiddenAds Malware: The Wolf in Sheep’s Clothing

Ever found yourself dealing with an app that just wouldn’t stop displaying aggressive ads, leaving you baffled as to which app is the culprit? Allow us to introduce you to the world of HiddenAds malware.

These sly little programs camouflage themselves as mobile games, infiltrate your device, and then, true to their name—they go into hiding. They either mimic the Google Play Store’s icon or become invisible altogether. Once they’ve settled in, they bombard you with ads, turning your  device into a mobile billboard. 

Android.Mobidash: The Uninvited Guest

Next up on our list is Android.Mobidash, the elusive malware that loves to make a grand entrance once you’ve let your guard down. How so? Well, MobiDash employs an intriguing modus operandi—it lies dormant for about three days post-installation before it starts displaying pop-up ads.

However, there’s a silver lining. MobiDash is more of an annoying, unwelcome guest than a damaging menace. So, while it might be a bother, it doesn’t pose any serious threat to your device.

Pandora.2: The Trojan Horse

Last but certainly not least, we have Pandora.2, a trojan malware that’s been causing a stir since the onset of 2024. This trojan covertly compromises Android devices during firmware updates or when installing apps for viewing pirated video content.

What’s truly alarming? Pandora.2 uses your device as a pawn in its botnet chess game, initiating DDoS attacks. It’s a descendant of the notorious Linux.Mirai trojan, which has been instigating DDoS attacks against big players like GitHub, Twitter, Reddit, Netflix, Airbnb, and more since 2016.

CherryBIOS and FakeTrade

According to an article by Trend Micro, two new related Android malware families, CherryBlos and FakeTrade, have been discovered. These malware families are involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users.

The first campaign leveraged popular social networking platforms to promote fraudulent services, with the advertisements pointing to phishing websites that trick users into downloading and installing malicious Android apps. The downloaded malware CherryBlos can steal cryptocurrency wallet-related credentials and replace victims’ addresses while they make withdrawals.

Meanwhile, another campaign that employed several fraudulent money-earning apps involved the FakeTrade malware. These apps claim to be e-commerce platforms that promise increased income for users via referrals and top-ups. However, users will be unable to withdraw their funds when they attempt to do so.

Unsupported Compression

This is not a malware but a penetrate malware bypassing detection tools. According to a blog post by Zimperium, a cybersecurity company, threat actors are using Android Package (APK) files with unknown or unsupported compression methods to elude malware analysis. Zimperium found 3,300 apps leveraging such compression algorithms in the wild. Most of these samples are corrupted beyond the point that the OS is able to load them. However, their team identified 71 malicious samples that the Android OS is able to load properly.

Joker Spyware

Joker is a spyware that gathers contact lists, SMS messages, and details about affected devices. Joker also has the capacity to register the device for premium services without the owner’s consent, monetising the malware infection.

Harly Trojan

Harly obtains data about the user’s device, especially data about the mobile network, in an improper manner. The entire payload is contained within the app by the Harly family of Trojans, which employ various techniques to decode and launch it.


FakeDolphin is a malicious program that gives Dolphin browser as the alternative to your default browser, most commonly Google Chrome. The Dolphin browser is a fake browser containing a Trojan that automatically sign-up users up for its services without their permission. Generally, users are forced to download the Dolphin browser by unintentional redirection.


GinMaster, also known as the GingerMaster, was first detected in 2011. Today it comprises 6% of the total malware attacks on Android. After entering the device, the GinMaster installs its root shell deep into the device partition to remain undetected. In the last decade, cybercriminals have created so many varieties of the GinMaster and used it for various malicious purposes like stealing sensitive information, remotely controlling the device, spying, and more. The reason GinMaster is spreading rapidly is that it attaches itself to legitimate applications, and users unintentionally install it with them.


ExoBot is one of the most dangerous banking Android malware. Though it was particularly detected for Bank Austria, it has various other forms as well for other popular banks of the world. After the infiltration, the ExoBot would put a legit-looking icon of the banking app so that users click on it and enter their credentials. The ExoBot is widely used for banking credentials stealing, data theft, and other phishing.

Android Police Virus

Android Police Virus (APV) is a type of Ransomware. It can block the entire system and encrypt all the files and applications. The Android Police Virus is the newly designed Android version of the famous FBI virus.


FakeInst is one of the most widely spread Android malware. It is categorized under Trojan malware and is responsible for 22% of the total Android malicious attacks. FakeInst appears to be an installer program, but after the execution, the malware automatically sends premium-rate text messages.

BlackRock Malware

BlackRock is another Android trojan-type malware that is accounted for stealing banking information from the applications like Gmail, Uber, Amazon, Netflix, and others. It has made more than 300 apps its victim and millions of users along with it.


OpFake is a family of viruses that attacks Opera Browser and acts as its downloader. The attacker behind the OpFake silently monitors the user activities and sends premium-rate SMS through the victim’s device. It is spread in various ways, like through intriguing pop-ups, fake opera updates, and more.


Basebridge is a spyware-type malware that infiltrates Android devices. It is known for spying on users, stealing sensitive data from the smartphone, and sending it remotely to the attackers behind it. Additionally, it can also block data consumption monitoring.


KungFu is a rootkit-type malware that generally gets entry into the device by embedding itself into an application. After infiltrating the system, it quickly gets the root access of the device to hide from the security programs. KungFu comes with backdoor functionality that allows the intruders to secretly install malicious apps or scripts on the system, use the web browser to navigate to different websites, and steal the data or information stored in the device storage.

Ghost Push virus

Ghost Push is an Android malware that explicitly targets the device running on or below Android Nougat (Android 7.0). It is a type of rootkit that, after infiltrating the system, can perform various functions on the phone without user permission. The Ghost Push lives up to its name. It does not vanish even after hard resetting the system. Only reflashing the firmware can remove it from the device.

List of known Android Malware Apps 2024

In the previous section, we got to know about the top 10 Android malware types. Now we will list out the top dangerous Android applications that carry or promotes that malware.

Here is the list of the known Android Malware Apps of 2024:

HiddenAdsAgent Shooter (500,000 downloads)
Rubber Punch 3D (500,000 downloads)
Rainbow Stretch (50,000 downloads)
FakeApp Eternal Maze (Yana Pospyelova) (50,000 downloads)
Jungle Jewels (Vaibhav Wable) (10,000 downloads)
Stellar Secrets (Pepperstocks)
Fire Fruits (Sandr Sevill) (10,000 downloads)
Cowboy’s Frontier (Precipice Game Studios) (10,000 downloads)
Enchanted Elixir (Acomadyi) (10,000 downloads)

Refer to the list of the top 25 known Android Malware Apps of 2023:

Harly TrojanFare Gamehub and Box
Hope Camera-Picture Record
Same Launcher and Live Wallpaper
Amazing Wallpaper
Cool Emoji Editor and Sticker
Joker SpywareSimple Note Scanner – com.wuwan.pdfscan
Universal PDF Scanner –
Private Messenger – com.recollect.linkus
Premium SMS – com.premium.put.trustsms
Blood Pressure Checker – com.bloodpressurechecker.tangjiang
Cool Keyboard – com.colate.gthemekeyboard
Paint Art
Color Message
Autolycos MalwareVlog Star Video Editor
Creative 3D Launcher
Wow Beauty Camera
Gif Emoji Keyboard
Instant Heart Rate Anytime
Delicate Messenger
FleckpeBeauty Slimming Photo Editor
GIF Camera Editor Pro

It is essential to know that most of these apps are also available on Google Play Store. Unfortunately, because of a library of millions of apps, it is pretty challenging for Google to keep the Play Store free of malicious apps.

If your phone carries one or multiple apps from the above list, it is advised to immediately get rid of them and scan your system with a robust antimalware program.

  How to Prevent Malware on Android

Bottom Line

With the growing dependency on modern gadgets like smartphones, tablets, smart TVs, and more, the risk of cyberattacks is also expanding. It is essential to keep all your device protected from cyber attacks. For that, you require a robust security solution like Total AV. It is available for both Android and Windows devices.

1 thought on “List of Android Viruses and How to Protect”

  1. I have Total AV and have been using it for 2 and a half years and haven’t had any Viruses and things I recommend it I give it 4and a half stars.


Leave a Comment