Malware and PUA Campaigns Abuse Existing Apps, Here’s a Top 10 to Watch Out For

Many threats on Android spread around the ecosystem through existing apps, such as SMS applications and email clients. Bitdefender took a closer look at just one week of activity and identified the most popular apps used to spread malware and potentially unwanted applications.
Bitdefender launched a new feature named Alert through its Bitdefender Mobile Security product for Android that lets the security solution investigate incoming SMSs and notifications. It’s an opt-in feature, so only users who grant the necessary permissions can use it.
It might be weird to see a security solution emphasize SMS apps, especially since it might seem like no one really uses them anymore. The truth is that many current malware campaigns, such as Flubot, are still waged mainly over SMS. SMS apps are still widely used, especially by companies that want to send information to users without depending on an Internet connection.
Shipping companies regularly use SMS messages to keep customers apprised of the status of packages, but Flubot operators use the same types of messages in many campaigns. And that’s just one example of a type of company that could send an SMS message.
Flubot is not the only game in town
Flubot is spreading banker trojans through the entire Android ecosystem, but there are plenty of other threats, like phishing, frauds, or just potentially unwanted applications (PUA). This latter category is vast and includes apps that collect data they shouldn’t, abuse permissions to generate ad revenue, or trick users into making large payments, just to name a few.
And, of course, there is the never-ending wave of spam that hits people every day. With Scam Alert, it’s possible to intercept many of these threats before they become a problem. For example, when the user receives a notification from their email client containing a malicious URL, Scam Alert immediately issues a warning.

The problem is that many apps use the notification system, and some downright abuse it. Google Chrome is a good example, although it’s nothing Google can correct. We’ve all seen websites that request access to the notification system only to send countless annoying notifications.
PUA and malware are different beasts
Most PUA threats and spam spread over emails, but that’s not surprising. Interestingly enough, SMS apps are going strong as an infection vector, even though it’s not the first kind of app we think of when it comes to PUA or spam.

Malware, on the side, benefits fully from SMS as an infection vector, especially because Flubot campaigns are proliferating swiftly right now in many parts of the world. SMS apps dominate when it comes to spreading malware, with the rest trailing behind. It will be interesting to check this telemetry when Flubot is not so active, but it’s been going for a few months, jumping from one country to another.

Scam Alert is the perfect tool for these types of threats, and it’s integrated into Bitdefender Mobile Security by default. It offers the right kind of protection at a time when people are inundated by malicious SMS messages carrying malware and waves of frauds, spam and PUA apps that hound users every single day. The telemetry in these charts was gathered in just one week, from May 10 to May 17, 2022.
