Newly detected mobile malware has infiltrated the Google Play Store, increasing mobile bills for hundreds of thousands of users. Cybersecurity researchers from Kaspersky recently discovered the Fleckpe malware family, which they say has been integrated into at least 11 Android apps, collectively downloaded around 620,000 times. The apps are primarily image editors, wallpapers, beauty apps, and similar apps.
Predominantly affecting Malaysians and Indonesians
Upon installation, the malware silently triggers either a one-time or monthly subscription to certain premium services. These services may belong to a third party, with the malware operators receiving a cut, or to the threat actors themselves, allowing them to take the full amount. The attackers have earned a substantial sum since the malware’s activation in 2022, though the exact amount is unknown. Most victims are in Thailand, Malaysia, Indonesia, Singapore, and Poland, with a smaller percentage scattered worldwide.
Kaspersky stated, “All of the apps had been removed from the marketplace by the time our report was published, but the malicious actors might have deployed other, as yet undiscovered, apps, so the real number of installations could be higher.”
The full list of malicious apps can be found here. Users should uninstall these apps immediately and run an antivirus scan to clean up any residual code. This type of malware does not demand ransom payments or destroy data on the endpoint, but it can steal personally identifiable information and result in higher charges from telecom providers. To avoid such incidents, users should check app store reviews and ratings before downloading.