Downloading malicious apps to official stores has become more difficult
Kaspersky Lab experts shared some interesting statistics collected using the Kaspersky Digital Footprint Intelligence service as a result of analyzing advertisements for the sale of malicious applications for Google Play on several forums on the dark web – Russian-speaking and international.
Prices for programs and developer accounts reach up to 20 thousand US dollars. To upload a malicious app to the store, you need to buy a developer account on Google Play and a malicious code uploader. Accounts are offered at prices ranging from $60 to $200. The cost of malicious downloaders varies from $2,000 to $20,000, depending on the complexity, novelty, and uniqueness of the code, as well as additional functionality.
Malicious Apps for Google Play are Selling on the Dark Web for $20,000
According to experts, on the dark web, it is most often proposed to embed malicious code in cryptocurrency trackers, various financial applications, QR code scanners, or dating applications. Such programs are posted on Google Play, and the malicious code is added later by the attackers. For an additional fee, attackers can obfuscate the code to make it harder to analyze the application and make it harder for security solutions to detect.
Three ways of cooperation are offered: for a share of the final profit, by subscription, and for the complete acquisition of an account or malware. Sellers can also offer to publish the app for the buyer so that they don’t have to interact directly with Google Play.
Alisa Kulishenko, a cybersecurity expert at Kaspersky Lab, said:
Mobile malware continues to be one of the most widespread cyber threats. In 2022, we discovered over 1.6 million such apps. However, there is good news – the effectiveness of protective solutions is also growing rapidly. On shady forums, the attackers complained that it had become more difficult to upload malicious applications to official stores.
