A new Android Trojan that uses web push notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store.
Multiple fake apps of well-known brands that distributed the malware dubbed Android.FakeApp.174 got removed in early June after researchers from Doctor Web reported them to Google.
While the apps were only installed by a little over 1000 users, the malware operators could publish other similar apps at any time on the Play Store and might also be switching to more aggressive attack methods such as redirecting victims to malicious payloads, launching phishing attacks targeting bank customers, or spreading fake news.
For instance, "Potential victims can think the fake notification is real and tap it only to be redirected to a phishing site, where they will be prompted to indicate their name, credentials, email addresses, bank card numbers, and other confidential information," Doctor Web explains.
Doctor Web experts discovered the <a href="https://vms.drweb.com/search/?q=Android.FakeApp.174&lng=en"><b>Android.FakeApp.174</b></a> trojan that uses Google Chrome to load questionable websites that subscribe users to advertising notifications. Notifications pop up even if the browser is closed...