How cybercriminals use common apps on Google Play to spread malware

Cybercriminals are using updates of apps on Google Play to infuse malware to spy on users and access their data. They bypass Google’s safeguards by uploading harmless-seeming apps, then infiltrate them with malware once they’ve gained a substantial user base. In 2023, such apps were downloaded over 600 million times, affecting a variety of categories like photo editing, games and health trackers. Measures to protect oneself include careful examination of an app’s publisher and details, avoiding apps not verified by Google, and paying heed to customer reviews.