The National Computer Emergency Response Team (NCERT) has issued an advisory for Android users about a malicious campaign launched by Konfety Group, a notorious hacker group.
The NCERT warning states that Konfety Group attacked Android users with over 200 infectious applications on the Google Play Store.
Konfety apps pose threat to Android devices
Infamous as “Konfety Apps”, the campaign utilised Evil Twin apps designed to emulate authentic software for financial gain through ad fraud.
Although such apps have been removed from the app marketplace by Google, the NCERT advisory entails a set of guidelines to protect devices from such elements.
The advisory also states that the cybercriminals used disseminated modified APKs through advertising channels to trap users into downloading the bug-infected apps.
Upon installation, function as droppers, crafting a loophole on devices for obfuscated stagers and backdoored software development kits (SDKs) to execute harmful activities including ad fraud, payload installation, posing a great risk to users’ personal on-device data.