December 5, 2022
The Google Play store has developed a notorious reputation for being a hub for all kinds of malware. Despite the ostensible best efforts of moderators, it seems that malware laden apps still manage to find their way onto the store. Trojan subscribers are especially popular here because of the fact that this is the sort of thing that could potentially end up subscribing unwitting users to various services that they never asked for and which they would unknowingly be paying for.

With all of that having been said and now out of the way, it is important to note that there is a particular kind of Trojan subscriber that has been making the rounds on the Play Store by the name of Harly. It is fairly similar to the Jocker Trojan, and that suggests that both these types of malware could potentially have the same origin or creator.

Harly Trojan containing apps have been on the Play Store since at least 2020, and there have been around 190 of them so far with all things having been considered and taken into account. These apps have received at least 4.8 million downloads, although this is a low ball estimate so the actual number could very well be a great deal higher than anyone suspects.

If you come across an app that is infected with Harly, you might not even be able to tell that it is a suspicious app to download. That’s because the scammers behind this app download legitimate apps, inject them with malicious code and then put them back up on the Play Store so that unsuspecting users can get scammed.

See also  Over 24 million US Families Have Been Target for Multiple Account Frauds in The Past Year

What makes these apps even riskier to use is that they provide all of the functionality that a user would expect, so you might not even know that you are the victim of a Trojan subscriber before it is too late.

One thing that differentiates Harly from other members of the Jocker malware family is that it’s not a multi-stage downloader. Instead, this trojan puts the entire payload within a single app, and then decrypts it using a variety of methods.

This just goes to show how important it is for users to be cognizant of the dangers of downloading low quality apps. It is best to thoroughly research apps before downloading them to make sure they are safe and don’t contain any type of malware.

H/T: Kaspersky

Read next: Annual Cyber Attacks Targeting US Businesses Rise to 42