Related CherryBlos and FakeTrade Android Malware Involved in Scam Campaigns

An app was found with the same package name, label, and certificate as CherryBlos, but without the embedded malware. However, it is believed to have been developed by the same threat actor. The actor targets victims globally, uploading apps in various Google Play regions. Another two apps, Huge and Saya, also had the same certificate. More similar apps related to shopping schemes were identified.