The Google Play store has earned a notorious reputation as a hub for all kinds of malware. Despite the moderators’ apparent best efforts, it seems that malware-laden apps still manage to find their way into the store. Trojan subscribers are particularly popular here due to the fact that it’s the kind of thing that could potentially end up unwitting users subscribing to various services they never asked for and would unknowingly pay for. .
With all of that said and now out of the way, it’s important to note that there is a particular type of Trojan subscriber that has been making the rounds of the Play Store by the name of Harly. It is quite similar to the Joker Trojan, which suggests that these two types of malware could potentially have the same origin or creator.
Harly trojan apps have been on the Play Store for at least 2020, and there have been around 190 so far, all things considered and accounted for. These apps have received at least 4.8 million downloads, although this is a low estimate, so the real number could very well be much higher than anyone suspects.
If you come across an app infected with Harly, you might not even be able to tell it’s a suspicious app to download. This is because the crooks behind this app download legitimate apps, inject them with malicious code and then put them back on the Play Store so that unsuspecting users can get scammed.
What makes these apps even more risky to use is that they provide all the features a user would expect, so you might not even know you are a victim of a horse subscriber. of Troy before it’s too late.
One thing that makes Harly different from other members of the Joker malware family is that it is not a multi-step downloader. Instead, this Trojan places the entire payload in a single application and then decrypts it using various methods.
This shows how important it is for users to be aware of the dangers of downloading low-quality apps. It is best to research apps thoroughly before downloading them to make sure they are safe and do not contain any type of malware.
H/T: Kaspersky
Read next: Annual cyberattacks targeting US businesses rise to 42