"Eight Million Users Install 200+ Malicious Apps from Google Play"

Between June 2023 and April 2024, security researchers at Zscaler discovered over 200 malicious apps on Google Play, which is nominally a safer platform for Android downloads than third-party app stores.  These apps collectively garnered more than eight million installs.  The researchers noted that Joker was the most prolific malware, accounting for nearly two-fifths (38%) of malicious apps identified by Zscaler. Joker enables Wireless Application Protocol (WAP) fraud, by covertly subscribing victims to premium-rate services without their consent.  Adware came second, comprising 35% of detected malware, followed by Facestealer (14%), designed to harvest Facebook credentials to hijack accounts.  The researchers noted that the “Tools” category was the most abused by threat actors on the Play Store, accounting for nearly half (48%) of malware-infected apps.  Malicious personalization (15%) and photography (11%) apps were also commonplace. 

Infosecurity Magazine reports: "Eight Million Users Install 200+ Malicious Apps from Google Play"