Play Store Gets Hacked, Fake VPN App Intrudes – Bestgamingpro | #firefox | #chrome | #microsoftedge | #education | #technology | #infosec

Spyware can take many forms, and Google’s Threat Analysis Group discovered that state-sponsored hackers had disguised their malicious software as a VPN app and uploaded it to the Play Store in May of last year.

The Google Threat Analysis Group watches a wide range of threats in order to notify its users if they’ve been targeted on the internet. State-sponsored hackers from Iran known as APT35 were one of the more notable campaigns recently investigated by Google’s Threat Analysis Group.

In May of 2020, Google’s threat researchers discovered that APT35 had attempted to upload malware to the Google Play Store by imitating a VPN software in disguise.

If downloaded to a user’s phone, this phony VPN software may record confidential information such as phone logs, SMS messages, contact lists, and GPS location data.

However, despite this, Google caught the program promptly and removed it from the Play Store before any users could download or install it.

Still, in July 2021, Google identified APT35 attempting to distribute this fraudulent VPN software on other platforms.

A hacker steals your password and uses it to log into your email account.

In April, APT35 accessed a website associated with a university in the UK and used it to house a phishing kit, according to a new blog post from Google’s Threat Analysis Group.

After taking control of the site, the intruders sent email messages containing links to it in an attempt to obtain credentials for several popular email services, including Gmail, Hotmail, and Yahoo.

While this strategy is also used by cybercriminals, APT35 has depended on it since 2017 to target high-value accounts in a wide range of industries, such as government, education, journalism, NGOs, foreign policy, and even national security.

When Google detects that a government-sponsored hacking organization like APT35 is targeting its users, the company’s Threat Analysis Group sends out alerts to let them know they’ve been identified as a target.

Simultaneously, Google utilizes Google Safe Browsing, which is built into Chrome, to block malicious domains.

Over the last several years, cyber dangers have grown significantly, prompting Google to advocate for ‘high risk’ users to join its Advanced Protection Program and promising to give out 10,000 security keys in 2021.