The CherryBlos Android Malware is targeting smartphone users through money-making apps and displaying ads
The CherryBlos Android Malware is targeting smartphone users through money-making apps and displaying ads. It has been discovered by the Mobile Application Reputation Service team of the cybersecurity firm Trend Micro. The malware enters smartphones through popular social media platforms like Twitter, YouTube, Telegram, and Google Play Store.
Through money-making apps, CherryBlos starts displaying ads to users. Clicking on these ads can lead users to phishing websites. This malware is designed to engage in financial scams and has become a threat to smartphone users. It is important for users who download apps from the Google Play Store to be aware of this and exercise caution while using their smartphones.
Indeed, the Mobile Application Reputation Service team of the cybersecurity firm Trend Micro has discovered these new malwares. It is reported that these malwares are gaining entry into smartphone users’ devices through money-making apps. They are using popular social media platforms like Twitter, YouTube, Telegram, and Google Play Store as a means to target smartphone users. These two Android malwares are known as CherryBlos and FakeTrade.
CherryBlos operates by displaying ads through money-making apps to start its malicious activities. Clicking on these ads, even by mistake, can lead users to phishing websites and put their smartphones at risk.
When a malware-infected app is installed from a phishing website, it starts stealing information related to the user’s cryptocurrency wallet. Moreover, after obtaining accessibility permissions on the device, these apps also read media files on the smartphone.
This malware utilizes Optical Character Recognition (OCR) to scan the user’s private and banking information.
Regarding the FakeTrade malware, apps associated with it were seen on the Play Store in 2021. However, these apps have now been removed from the Play Store. Security firms advise users to download apps only from official and trusted stores and developers to avoid such malware attacks.
