Security researchers have discovered 470 Android apps on Google Play, which are said to have lured over 100 million users worldwide into a subscription trap since March 2020. This is how you check whether you are also a Dark Herring victim.
Malware called “Dark Herring” has now been discovered in 470 Android apps. (Source: Balefire9 /depositphotos.com)
- Security researchers have discovered “Dark Herring” malware in 470 Android apps on Google Play.
- Over 100 million Android devices worldwide have been infected with it since March 2020.
- The malware lures you into a subscription trap.
It is no longer news that malware is hidden in seemingly harmless Android apps. We have already reported on such cases several times in the past few months. But the “Dark Herring” malware campaign that has now been discovered goes beyond all previously known dimensions.
Apps lure you into a subscription trap
According to the security researchers at Zimperium, it has been hiding undetected in around 470 Android apps for over a year and has infected an estimated 105 million cell phones worldwide – including in Germany. The oldest Dark Herring app was available on the Play Store since March 2020, the newest was uploaded in November 2021. The researchers estimate that the unknown perpetrator or perpetrators could have earned hundreds of millions of dollars with them.
Because the apps ask for your cell phone number under a pretext after the start. If you do this, you are in fact subscribing to a premium SMS service for 15 US dollars (approx. 13.50 euros) per month, which will be billed to your mobile phone bill.
Cyber criminals put in enormous effort
A classic subscription trap. Particularly perfidious: while other such campaigns mostly use fake apps that do not function after registering for the subscription trap, the apps used by the cybercriminals are fully functional. Probably one reason why the malware wasn’t noticed earlier.
In order to lure as many users as possible into the subscription trap, suitable registration pages were also created in 70 languages. The security researchers estimate that the clean localization should probably have a trust-enhancing effect.
Google has since removed the affected apps from the Play Store, but they may still be available in third-party stores, Zimperium warns. If you have one of these apps installed here, it is better to delete them immediately and check your mobile phone bill for anything suspicious. We also advise setting up a third-party lock so that you don’t fall into a subscription trap.
” Tip: The best VPN providers for more security and privacy
Don’t miss anything with the NETWORK-Newsletter
Every Friday: The most informative and entertaining summary from the world of technology!