The unofficial app store for the Android platform, APKPure, which allows users to download and use Android apps that are not available on Google Play, has been marred with malicious adware. According to a recent report by cybersecurity firm Kaspersky, the most recent version of the application, 3.17.18, contains malicious code that can install dangerous Trojans on victims’ devices. If you use the APKPure app store, it is recommended to update to a new version now.
In its blog post, reporting on the detection of the malicious code, Kaspersky reports that it notified developers about the infection in version 3.17.18 on April 8. APKPure quickly resolved the issues with the instant release of version 3.17.19 with security fixes.
The malware detected can extract data from the victim’s smartphone, without being prompts, and sends advertisements to the phone that can be viewed on the lock screen or in the background. The fraudulent code also generated more downloadable malware, putting already victimized devices at further risk.
The malware found in the APKPure app is an adware SDK whose source cannot be traced. The malware has been removed from the application and updated to a new version with security fixes. The old and infected version has reportedly been removed and the new version 3.17.19 can now be downloaded from the site.
Android users are advised to download apps from the Google Play Store only because the viability of apps installed from third-party app stores can never be guaranteed. Nonetheless, these app stores are thriving, users download old versions of apps and apps that are not available on the Play Store from non-official stores.