Android, new malware in the Play Store: more and more users at risk

Inside the Google Play Store, cybersecurity researchers have discovered a number of new malware families, here's how the viruses act

Computer security for users who own an Android smartphone is not a topic to be taken lightly. Hackers are increasingly targeting the Google Play Store. The app store is now infected with several families of malware.

Most of the companies specializing in cybersecurity, including ESET and McAfee, have released a report informing Google and Android users about the risks of downloading an app from the Play Store. In fact, the experts have found some families of viruses rooted inside thousands and thousands of applications. Among all these malware threats, each one acts differently than the other and to defend yourself in the best possible way, it is therefore essential to be able to recognize the different type of malware. Here is a list of the main virus strains present in the Google Play Store.


The Grabos malware was discovered by researchers from McAfee company. According to experts, there are at least 144 applications on the Play Store infected with this virus. Most of them are fake MP3 download programs. According to initial studies, Grabos has currently been downloaded between 4.2 million and 17.4 million times. The main purpose of the Android virus is to display fraudulent ads within the downloaded app. Through advertisements, the malware prompts the user to click on banners that automatically install another paid program. And this is the source of income for cyber criminals.


Another one of the most popular malware on Android is AsiaHitGroup. The name of the virus comes from the fact that it uses a blacklist of IP addresses to target only users from Asian countries. The threat was first discovered within an application to generate QR codes called "Qr code generator - Qr scanner". Once the malicious program is downloaded, the virus enrolls our phone number to a subscription service via SMS. And in this way it allows the hacker to make money. According to the company Malwarebytes the virus is much more widespread than you think and there are dozens and dozens of apps infected with this code on Play Store.

Adware Android

A new strain related to adware viruses has also been identified on Play Store. The new threat has been identified as Android.RemoteCode.106.origin. According to security researchers this malware has been downloaded between 2.37 million and 11.7 million times. Basically, once the virus is installed on our smartphones, hidden navigation tabs are opened that generate traffic on sites that bring profits to the hacker. According to the company Dr.Web there are at least ten apps with this adware on the Play Store.

Trojan Dropper

The company ESET has discovered eight apps infected with a malware known as Trojan Dropper on the Google Play Store. This is a very dangerous threat for users. The virus is capable of installing banking trojans and spyware on our smartphones. In most cases the malware hides behind fake device memory cleaning apps. Apps tampered with by Trojan Dropper are not easy to detect as dangerous, because the malware acts in the shadows and the program actually does the task for which we have downloaded it. At the moment, Trojan Dropper has affected at least 3 thousand users, mostly in the Netherlands.