A popular cash-stealer malware dubbed Dark Herring has been wreaking havoc with Android devices, as it reportedly deprived users of hundreds of millions of dollars. In this wave of cyberattacks, almost 500 malicious apps from Google Play were impacted and managed to deploy Dark Herring.
How Dark Herring Works
The ones who discovered the now making headlines malware were the researchers from Zimperium. According to researchers, threat actors managed to steal from targets $15 a month per victim amounting to hundreds of millions in total.
It’s worth mentioning that Google addressed the issue meanwhile and removed the compromised applications (470) from its Play Store and the company also mentioned that the scam services are down at the moment.
There still remains the danger for those who already installed those apps, as they might be compromised. Besides, the apps remained active in third-party stores.
These malicious Android applications appear harmless when looking at the store description and requested permissions, but this false sense of confidence changes when users get charged month over month for premium service they are not receiving via direct carrier billing. Direct carrier billing, or DCB, is the mobile payment method that allows consumers to send charges of