Malicious Apps Steal Data, Bypass Google Security

Security researchers have uncovered a large-scale ad fraud and phishing campaign, named 'Vapor', involving over 331 malicious apps downloaded more than 60 million times from the Google Play Store. These apps, initially appearing legitimate, added malicious functionalities post-installation, displaying full-screen ads, and attempting to steal credentials and credit card information. The apps were able to bypass Android's security features by hiding malicious updates in later stages, thus avoiding detection during the initial review process. Although Google has removed these apps, there's concern about the attackers' ability to evade security measures and reintroduce threats through new apps. In a separate incident, scammers are distributing malware through cracked versions of TradingView Premium, targeting crypto wallets by exfiltrating user data using Lumma Stealer on Windows and AMOS on Mac. The attackers often pose as customer support to bypass security protocols, further emphasizing the need for vigilance against such schemes.