New Malware App on Google Play With Over 20 Million Downloads

Recently the cybersecurity experts at Dr. Web antivirus reported that over 20 million devices have recently downloaded a highly successful new category of activity-tracking apps from the Google Play Store.

Among the features offered by these applications are pedometers, the ability to stay active in your daily life, and strategies to help you develop good habits.

Furthermore, you can earn rewards for reaching a variety of distance goals or staying active in your daily life, as the apps claim.

A large number of advertisements might be forced to be watched by the user in order to be able to cash out the rewards, or the rewards may only be made available partially.

Notable Fake Fitness Apps

In Dr. Web’s report, experts mentioned the three most notable apps that can be found below:-

• Lucky Step – Walking Tracker (10 million downloads)

• WalkingJoy (5 million downloads)

• Lucky Habit: health tracker (5 million downloads)

The same remote server address is used by all three apps, which indicates a common operator or developer on the front end of the apps.

Fake Promise by Apps

Apparently, there is no way for users to withdraw rewards before they have accumulated a significant amount of points to make a withdrawal.

Nevertheless, they promise that users will be able to access their earnings after watching a dozen advertisements.

It is reported that the apps continue to push more advertisements even after watching a round of ads in order to expedite withdrawals. 

The previous version of ‘Lucky Step – Walking Tracker’ allowed users to redeem in-app rewards for gift cards to be used for buying goods in real online stores.

However, recent app updates have removed this feature, leaving the reward redemption options unclear. Users on Google Play have reported that ‘Lucky Step – Walking Tracker’ behaves like adware. 

Due to the fact that this malicious application displays full-screen ads upon screen unlock and interrupts active windows.

‘Wonder Time’ is another title that has amassed 500,000 downloads on Google Play. It is another example of an app similar to the ones that are available on the Play Store.

If you complete tasks such as installing additional applications and games, the app promises to reward you with real money. But the token rewards for each action are negligible compared to the minimum withdrawal threshold set by the developer.

Fake Malicious Game Apps

As a result of Dr. Web’s observations, the following game apps have been observed as fake and malicious:-

• Golden Hunt (100,000 downloads)
• Reflector (100,000 downloads)
• Seven Golden Wolf blackjack (100,000 downloads)
• Unlimited Score (50,000 downloads)
• Big Decisions (50,000 downloads)
• Jewel Sea (10,000 downloads)
• Lux Fruits Game (10,000 downloads)
• Lucky Clover (10,000 downloads)
• King Blitz (5,000 downloads)
• Lucky Hammer (1,000 downloads)

At the moment remove phishing apps from your Android device if you have any of the above-mentioned ones and run an antivirus scan to ensure all rest are deleted.

Network Security Checklist – Download Free E-Book