We well know that the threats we find on the Internet are very dangerous but there are some that affect and spread more than others, this is the case of Hiddad was one of the most sought malware, this threat was focused on Android devices that in fact Now it is in the Top of the most wanted malware with 40.33% of its attacks directed at the Russian Federation. Its functions include gaining access to key security details embedded in the operating system, allowing a cybercriminal to collect confidential user data.
Its main function is to display ads. However, you can also gain access to key security details embedded in the operating system, allowing a cybercriminal to obtain sensitive user data. This threat presents itself as a YouTube downloader and is usually marketed on Google Play under the tag Tube mate or Snap Tube. All the apps that distribute this malware have a lot of 5-star ratings from users, and they show why it is important to read the reviews and not just count the number of 5-star ratings.
Hiddad starts with a low-key approach. When installing, all the applications of the Hiddad family have the same name, “Music Mania”, and the same icon, without suspicious permission requests but, after clicking “Install”, we can see that another application called “android plugin “is requesting installation permission, and if we click next, we will see that it is requesting device administrator privileges.
Newer versions of Hiddad include several repackaged games, but they all share the same common behavior – they require users to rate them five stars to unlock some features: unlock content like wallpapers, remove ads, or increase game playability. This attempt by users to remove the ads has the interesting impact of making Hiddad apps have high ratings on Google Play, increasing their visibility and causing them to be downloaded by more victims and that is why you always have to pay close attention to what you download.
Related reads:
xHelper Trojan that hits Android real hard
Triada Trojan that terrorized Android in its time
[…] reads:Hiddad malware that affected Android systemsMobileInter Skimmer that targets mobile […]