CLICK HERE FOR KURT'S FREE CYBERGUY MAGAZINE, ENHANCED SECURITY, TIPS, NOTICES AND HOW TO BE RESPONSIBLE
Well, my friends, welcome to the era of CherryBlos and FakeTrade, two new sneaky forms of Android malware discovered by Trend Micro that can steal your passwords and other valuable data from your photo album.
What is Cherry Blossom?
Let's talk about CherryBlos first. This malware is now, believe it or not, disguised as an AI-powered cryptocurrency mining application known as SynthNet. The camouflage is so convincing that it managed to infiltrate the Google Play Store, forcing users to download it. But the trick doesn't stop there.
When you enter your username and password thinking you're logging into your account, you're actually clicking on a fake overlay created by CherryBlos. So instead of accessing your account, you are handing over your valuable credentials to this digital hacker.
How CherryBlos can steal your passwords from images
This is even more ominous. CherryBlos is not limited to the data you actively enter. It uses optical character recognition, or OCR, to read text from images.
This means that if you have saved screenshots of your passwords or sensitive information on your device, CherryBlos can also read and steal them. It's as if I left a written note with the passwords of the burglars in your house.
However, unlike legitimate programs, these scam programs never allow you to redeem these rewards. The transition to the promised real benefits never happens. A prize chest is like constantly collecting tickets in an always-closed arcade.
So, as tempting as it may seem, remember that these rewards are just an illusion. They are part of a scam scheme to get you involved, but they never deliver on what they promise. This is the insidious nature of the FakeTrade malware and its malware network.
To make it easier for you, we have a list of 31 scam programs that distribute FakeTrade stuff. If you see any of these apps on your phone, it's time to say goodbye:
to be prolonged
ANDROID MALWARE DETECTED IN OVER 100 POPULAR PROGRAMS
Google is fighting malware in the Play Store
We contacted Google about the malware, and a company representative told us:
“All malicious apps identified in the report have been removed from Google Play. We take complaints about the security and privacy of apps very seriously, and if we find that an app violates our policies, we will take appropriate action. Google Play Protection protects users of apps that contain this malware on Android devices with Google Play services, even if those apps come from sources other than Play."
While Google Play Protection is a built-in malware protection for Android devices and automatically removes known malware. It is important to note that Google Play protection may not be sufficient. Historically, this is not 100% effective in removing all known malware from Android devices.
How to protect your digital life
So, how do you protect your digital life from these virtual villains? Let's take a look:
Be careful where you download - stick to the official Google Play store like glue. It's not perfect, but it's a lot safer than those dodgy third-party app stores or those seemingly harmless APKs shared in your group chat.
Play app explorer: Don't click Download just because an app looks good. He scratched a little. Check out developer reviews, other apps, and the website. If something looks suspicious, it probably is!
Break the habit of taking screenshots - it's important, people! Stop taking screenshots of your passwords. I just mean it.
Stay informed: Keep your phone's apps and software in top shape by installing regular updates. It often contains basic security solutions to keep you safe.
Be mindful of app permissions: When a wallpaper app asks for your contact list, you know it's a red flag. Know what you are giving permission for.
Arm yourself with an antivirus: An antivirus app can act as your personal security and scan your phone for threats. Having antivirus software on your devices ensures that you no longer click on malicious links that can install malware on your devices, giving hackers access to your personal information.