Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Cybercriminals can pay $20k to spread malware on the Google Play store

Play Store

Hackers are paying up to $20,000 to get malicious apps into Google's Play Store, researchers have found.

Getting malware into the Google Play Store is something of a jackpot for cybercriminals. The app repository enjoys a high level of trust among Android users, and most of the time, they’re happy to download apps found there without second-guessing their intentions. 

To maintain its high level of trust, Google takes a number of precautions, including pre-screening apps to make sure they’re legitimate, and removing malicious ones as soon as they’re discovered.

Installing malware via updates

That’s why hackers who’ve found a way to sneak malicious apps into the repository are happy to sell that backdoor - for as much as $20,000. This is according to cybersecurity researchers from Kaspersky, as The Register reports.

The cybersecurity firm studied nine dark-web marketplaces between 2019 and 2023 and found a working, but expensive, method of getting malware to the Play Store on offer.

It’s called a “loader” - a mobile app that looks legitimate, but will at one point try to install an “update” that is malicious. The app might even work as advertised in the beginning, until at one point, it will no longer function until it’s updated, or otherwise force the victim to update another way. 

These loaders can be purchased on the dark web, ranging from $2,000, to $20,000. The price depends on the features the loader has. A user-friendly UI design, a convenient control panel, victim country filter, support for newer versions of Android, and similar, all dictate the price, Kaspersky says.

"Cybercriminals may also supplement the trojanized app with functionality for detecting a debugger or sandbox environment," the researchers added. "If a suspicious environment is detected, the loader may stop its operations, or notify the cybercriminal that it has likely been discovered by security investigators."

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.