Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store.
The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user's device into a proxy node without their knowledge.

android android apps apps caught cluster cybercriminals devices findings golang google google play google play store human intelligence malicious malicious apps mobile mobile devices operating system phones play play store proxies running satori store system team threat threat actors threat intelligence turn vpn