Unfortunately, scam attempts, malware and other computer attacks have not stopped increasing in recent years. Without going any further, yesterday we echoed the SMS attack that cybercriminals are carrying out to deceive users by taking advantage of the Income Statement campaign, by posing as the Tax Agency. A very lucrative business mainly because it is very difficult to catch these cybercriminals, so the risk to them is relatively low. And now, Kaspersky experts have discovered that infected mobile apps and store developer accounts are being sold on the DarkNet. Yes, the deep web is a place where we know that all kinds of dubious morality deals are made, and it is the stronghold of thousands of cybercriminals. And now, through this Kaspersky report, we already know a little more about how they make money. How can there be infected apps on Google Play? For starters, the malicious apps being sold are apps that are currently on Google Play. Yes, they have managed to pass the rigorous requirements of Google to be able to publish the app itself. How do they do that? Uploading a completely legal app to Google Play and then, through an update, adding the malicious code. A trick that has managed to bypass Google’s security controls. We are talking about apps that have thousands or even millions of downloads, so they are a very appetizing product for lovers of foreign things. The same goes for developer accounts. Keep in mind that a verified account is required to be able to upload content to the Google Play Store, so these types of old accounts and those that suffer less controls by Google are especially juicy. Hence, both the most downloaded malicious apps and these developer accounts can be sold for up to $20,000. As you remember from Kaspersky, in order to publish a malicious app, cybercriminals need a validated developer account, which costs between $60 and $200. Then, if you want to buy a more complex account with apps under its belt, the price goes up. On the other hand, apps with malware that have passed Google’s security controls are priced between $2,000 and $20,000, depending on the complexity of the malware, functions, users who have downloaded it… They are mainly cryptocurrency trackers, apps financial, or dating apps. .“Malicious mobile apps continue to be one of the main cyberthreats for users, with more than 1.6 million mobile attacks detected during 2022. At the same time, the quality of solutions that protect users is also increasing. On the darknet there are messages from criminals complaining that it is now more difficult for them to upload malicious applications to official stores. This implies that they work on more sophisticated systems, so the user must always be alert and carefully check which application is being downloaded”, explains Alisa Kulishenko, Kaspersky security expert, So, seeing that Google Play Store or App store It also has malicious applications, we recommend you review the permissions granted to the apps, and have an antivirus downloaded to prevent it. >
