Trend Micro finds 2 new types of malware on Google Play Store! Is it on your phone? Delete now

Trend Micro has found two new types of Android malware called CherryBlos and FakeTrade on the Google Play Store.

| Updated on: Jul 30 2023, 15:23 IST
Google Cloud, Noventiq to Cisco- top cybersecurity options you can use against online threats
1/5 Google Cloud: It provides advanced security solutions to help businesses protect data and applications. Google Cloud also uses machine learning and AI to help detect and respond to security threats in real time. (Reuters)
image caption
2/5 Cisco: It is a networking and cybersecurity company that provides a wide range of security solutions. They offer the network security, cloud security, and endpoint protection solutions.  (Cisco)
image caption
3/5 Noventiq: The company enables, facilitates and accelerates digital transformation for its customers’ businesses, connecting 75000+ organizations from all sectors with hundreds of best-in-class IT vendors, alongside its own services and solutions.  (Pexels)
image caption
4/5 Symantec is a cybersecurity company that offers a wide range of security solutions, including antivirus software, endpoint protection, and data loss prevention. Symantec's security solutions are designed to be easy to use and manage. (Pexels)
image caption
5/5 Trend Micro: It provides solutions for network security, cloud security, and endpoint protection. The company uses advanced AI and machine learning technologies to detect and respond to security threats in real-time.  (Unsplash)
icon View all Images
These harmful apps utilize different ways to spread onto users' phones, such as social media, phishing sites, and deceptive shopping apps on Google Play Store. (Unsplash)

Cybercriminals are constantly evolving their tactics to stay ahead of cybersecurity measures, much to the despair of innocent smartphone users. This makes it crucial for users and businesses to stay vigilant and adopt robust security measures, because if they don't, they stand to lose their valuable data and money to hackers.

Cybersecurity company Trend Micro has found two new types of Android malware called CherryBlos and FakeTrade on the Google Play Store, according to a report by BleepingComputer. But these harmful apps are not limited to the Play Store; they are also spreading through social media and fake websites in the form of APK files that people can install.

The harmful apps utilize different ways to spread, such as social media, phishing sites, and deceptive shopping apps on Google Play, which is the official app store for Android.


CherryBlos is a cryptocurrency stealer that exploits Accessibility service permissions to fetch configuration files from the C2 server, auto-approves additional permissions, and stops users from detecting and deleting this malicious app.

In a recent blog post, Trend Micro mentioned that they noticed the CherryBlos malware being spread as an APK in April of this year. The malware was being advertised on Telegram, Twitter, and YouTube as a cryptocurrency mining app called SynthNet, claiming to be powered by AI. It was also available on the Play Store, but luckily, Google removed it after only a few thousand downloads.

Fake Trade campaign

Trend Micro analysts also discovered a concerning campaign named "FakeTrade" on Google Play Store. In this campaign, 31 fraudulent apps were identified, all referred to as "FakeTrade," which were utilizing identical C2 network infrastructures and certificates as the previously identified CherryBlos apps. These deceitful apps employ shopping-related themes and money-making offers to deceive users. The tactics involve tricking users into watching ads, subscribing to premium services, or adding funds to their in-app wallets, but ultimately preventing them from cashing out the promised virtual rewards.

How to stay safe from malware?

Using a top-notch password manager is a secure way to store all your passwords in a single place without the need to remember each one individually. You only need to recall the master password for the password manager. To protect your Android device from malware, consider installing an Android antivirus apps. These apps scan both your current apps and any new downloads for viruses. While Google Play Protect offers similar protection and comes pre-installed on most Android phones, paid Android antivirus apps often provide additional features like a VPN or a password manager for added benefits.

According to a statement given to BleepingComputer by Google, the malware-infected apps mentioned have been successfully removed from Google Play. Google emphasized its commitment to addressing security and privacy concerns and taking necessary actions against policy violations.

Despite the removal, the situation remains concerning as numerous users have already downloaded the malicious apps, possibly necessitating manual clean-ups on affected devices. So, check whether these are on your phone and delete them promptly.

Follow HT Tech for the latest tech news and reviews , also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 30 Jul, 15:23 IST