APKPure, one of the largest alternative app stores outside of the Google Play Store, was infected with malware this week, allowing threat actors to distribute Trojans to Android devices.
In an incident that’s similar to that of German telecommunications equipment manufacturer Gigaset, the APKPure client version 3.17.18 is said to have been tampered with in an attempt to trick unsuspecting users into downloading and installing malicious applications linked to the malicious code built into the APKpure app.
The development was reported by researchers from Doctor Web and Kaspersky.
“This trojan belongs to the dangerous Android.Triada malware family capable of downloading, installing and uninstalling software without users’ permission,” Doctor Web researchers said.
According to Kaspersky, the APKPure version 3.17.18 was tweaked to incorporate an advertisement SDK that acts as a Trojan dropper designed to deliver other malware to a victim’s device. “This component can do several things: show ads on the lock screen; open browser tabs; collect information about the device; and, most unpleasant of all, download other malware,” Kaspersky’s Igor Golovin said.
In response to the findings,…