Cybersecurity experts have found a group of 28 malicious applications that are attacking users of Android devices. These seemingly harmless products have been identified as malware generators that turn computers into servers on a malicious network.
Human's Satori Threat Intelligencea group of researchers dedicated to the identification and prevention of cybersecurity threatswere largely responsible for finding this situation and found that the majority offered vpn services.
These apps are designed to operate clandestinelyusing local servers to hide their illegal activities. This technique allows them to steal sensitive data: passwords, personal and financial data, as well as carrying out fraudulent activities. All without the user knowing.
How these applications work
The “modus operandi” of these applications is slow but progressive. When using residential servers, the traffic generated by malicious activities appears to come from IP addresses that are legitimate.
The case that triggered this investigation was the discovery of an application free vpn Android call Ok VPN. According to the investigations, this application registered users on a network malicious proxy and received instructions from command and control servers to carry out its activities.
In this situation, it is key to take immediate measures in order to protect yourself. For this, it is recommended remove any app who is suspected of carrying out any illegal activity. Furthermore, it is key to have caution when downloading new applicationsalways opting for official application stores.