Hundreds of malicious apps are lurking on the Android Play Store, and have already been downloaded by millions

Over 200 apps have been downloaded nearly 8 million times

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

We’ve all made the mistake of downloading some useless apps at one point or another, but there used to be a degree of certainty that the fake beer drinking app or the wild west sound effect buttons wouldn’t turn out to be spyware - as long as you got it directly from an official app store. However,new research from Zscalersays this might not be the case anymore.

The company’s latest ThreatLabz OT Threat Report has identified over 200 malicious apps available on the official Android app store, which have already been downloaded by 8 million users so far.

The news comes alongside a 101% rise in spyware year-over-year, as well as a 29% increase in bankingmalwareattacks, suggesting the motives for the attacks remain primarily financial, as banking malware allows threat actors to steal your credentials not just to use themselves, but also to sell on to other criminals.

More than a few bad apples

The targets of these attacksmirror research on other types of cyberattack, with the education, technology, and manufacturing sectors experiencing the most incidents.

Education proves once again to be attractive to cybercriminals, and saw a 136% increase in attacks in the last year.

As more and more of us work from home, we introduce more software to enable us to connect or for productivity in hybrid environments, but these open the landscape up for threat actors to exploit.

“Cybercriminals are increasingly targeting legacy exposed assets which often act as a beachhead to IoT & OT environments, resulting in data breaches and ransomware attacks,” said Deepen Desai, Chief Security Officer at Zscaler.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“Mobile malware and AI driven vishing attacks adds to that list making it critical for CISOs and CIOs to prioritize an AI poweredzero trust solutionto shut down attack vectors of all kinds safeguarding against these attacks.”

These arenot the first reports of infected appseven from the officialPlay store, so we recommend checking reviews, number of downloads, and ratings when looking for something new.

More from TechRadar Pro

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

Google puts Nvidia on high alert as it showcases Trillium, its rival AI chip, while promising to bring H200 Tensor Core GPUs within days

A new form of macOS malware is being used by devious North Korean hackers

How to turn off Meta AI