Over 50 Android Apps Found Spreading MagicAd Trojan via Official Stores
ID: 7b42880d-6321-58d6-aa01-118be1e0edfa
STIX ID: report--7b42880d-6321-58d6-aa01-118be1e0edfa
Feed Name: HackRead
Researchers at Doctor Web discovered Android.MagicAd.1, a trojan distributed through over 50 compromised games and utilities — including apps briefly hosted in official stores such as Samsung Galaxy Store and Xiaomi GetApps — that decrypts hidden native components to install a persistent ad-delivery payload. The malware evades detection by rotating app listings, hides its icon, and bypasses Android background/window restrictions by abusing trusted system apps (pending intents, Binder IPC, or silent media playback) to display persistent transparent ads; identified malicious apps have since been removed from official stores.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
