Hackers are using Google search results to spread fake apps filled with malware — don’t fall for this
By Amber Bouman
Copyright tomsguide
Skip to main content
Tom’s Guide
Newsletters
View Profile
Search Tom’s Guide
You May Like
Dangerous Android banking trojan found lurking in malicious apps with 19 million installs — don’t fall for this
This Android malware poses as real apps to take you to dangerous sites and flood your phone with spam
This dangerous banking trojan now uses scheduled maintenance to hide its malicious activities — don’t fall for this
Phone Insights
Phone Best Picks
Phone Deals
Phone Face-Offs
Phone How-Tos
Phone Reviews
Network Carriers
Android Phones
Google Phones
Motorola Phones
OnePlus Phones
Samsung Phones
Nothing Phone
TV Best Picks
TV Face-Offs
Audio Insights
Audio Best Picks
Audio Deals
Audio Face-Offs
Audio How-Tos
Audio Reviews
Over-Ear Headphones
Bluetooth Speakers
Entertainment
Streaming Devices
Prime Video
Paramount Plus
Playstation
Gaming Peripherals
Connections
Computing Insights
Computing Best Picks
Computing Deals
Computing Face-Offs
Computing How-Tos
Computing News
Computing Reviews
VPN Best Picks
VPN Face-Offs
VPN How-Tos
VPN Reviews
Operating Systems
Malware & Adware
Smart Glasses
Chromebooks
Gaming Laptops
Apple Desktops
Gaming Desktops
Android Tablets
Computing Brands
AI Insights
AI Best Picks
AI Face-Offs
Google Gemini
Apple Intelligence
Mattress Best Picks
Mattress Deals
Mattress Face-Offs
Mattress How-Tos
Mattress News
Mattress Reviews
Mattress Care
Mattress Toppers
Pillows & Bedding
Smartwatches
Fitness Trackers
Smart Rings
Apple Watch
Home Insights
Home Best Picks
Home Face-Offs
Home How-Tos
Home Reviews
Home Topics
Home Appliances
Home Office
Home Security
Home Brands
Popular Brands
View Phones
Phone Insights
Phone Best Picks
Phone Deals
Phone Face-Offs
Phone How-Tos
Phone Reviews
Network Carriers
View Network Carriers
Android Phones
View Android Phones
Google Phones
Motorola Phones
OnePlus Phones
Samsung Phones
Nothing Phone
TV Best Picks
TV Face-Offs
Audio Insights
View Audio Insights
Audio Best Picks
Audio Deals
Audio Face-Offs
Audio How-Tos
Audio Reviews
Headphones
View Headphones
Over-Ear Headphones
View Speakers
Bluetooth Speakers
Entertainment
View Entertainment
View Streaming
Streaming Devices
Prime Video
Paramount Plus
View Gaming
Playstation
Gaming Peripherals
Word Games
Connections
View Computing
Computing Insights
Computing Best Picks
Computing Deals
Computing Face-Offs
Computing How-Tos
Computing News
Computing Reviews
VPN Best Picks
VPN Face-Offs
VPN How-Tos
VPN Reviews
View Hardware
View Software
Operating Systems
View Security
Malware & Adware
View VR & AR
Smart Glasses
View Laptops
Chromebooks
Gaming Laptops
View Desktops
Apple Desktops
Gaming Desktops
View Tablets
Android Tablets
Computing Brands
AI Insights
AI Best Picks
AI Face-Offs
AI Engines
Google Gemini
Apple Intelligence
View Wellness
Mattresses
View Mattresses
Mattress Best Picks
Mattress Deals
Mattress Face-Offs
Mattress How-Tos
Mattress News
Mattress Reviews
Mattress Care
Mattress Toppers
Pillows & Bedding
View Fitness
Smartwatches
Fitness Trackers
Smart Rings
Apple Watch
Home Insights
Home Best Picks
Home Face-Offs
Home How-Tos
Home Reviews
Home Topics
Home Appliances
Home Office
Home Security
View Outdoors
Home Brands
Popular Brands
Exclusive Apple Interview
iPhone 17 Pro
Wordle Today
Best laptops
Best Mattress
Don’t miss these
Malware & Adware
Dangerous Android banking trojan found lurking in malicious apps with 19 million installs — don’t fall for this
Malware & Adware
This Android malware poses as real apps to take you to dangerous sites and flood your phone with spam
Malware & Adware
This dangerous banking trojan now uses scheduled maintenance to hide its malicious activities — don’t fall for this
Malware & Adware
200,000 passwords, credit card data and more stolen by this dangerous new malware — how to stay safe
Online Security
Beware: Hackers are using fake credit card emails to steal all your passwords
Online Security
Hackers are using fake TikTok Shops to steal money and spread malware — don’t fall for this
Online Security
I almost got hit with a phishing attack and a malicious app last week — here’s how I knew not to click
Online Security
Millions hit in quishing attacks as malicious QR codes surge — how to stay safe
Malware & Adware
Macs under attack from ‘cracked’ apps spreading dangerous info-stealing malware — don’t fall for this
Online Security
Macs under attack from dangerous new info-stealing malware — how to stay safe
Malware & Adware
Booking.com phishing scam is infecting users with malware by using lookalike URLs — don’t fall for this
Malware & Adware
Godfather malware is now hijacking legitimate banking apps — and you won’t see it coming
Malware & Adware
This Android spyware is posing as an antivirus app to steal your photos and passwords — how to stay safe
Malware & Adware
This spyware is stealing photos on iPhone and Android — protect yourself now
Online Security
New QR code threat can infect your phone as soon as you scan
Online Security
Malware & Adware
Hackers are using Google search results to spread fake apps filled with malware — don’t fall for this
Amber Bouman
16 September 2025
Signal, WhatsApp and Chrome are just some of the popular apps being impersonated in search engines
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: Shutterstock)
A new malware campaign is using SEO poisoning in order to lure victims into downloading fake versions of common apps that are malicious. As reported by Cybernews, reports that hackers are putting malware into fake apps that mimic popular legitimate ones like Signal, WhatsApp and Chrome in order to trick victims into downloading their malicious versions instead.
FortiGuard Labs researchers have identified this new attack which both tricks users and games the search algorithms by using SEO plugins and registered lookalike domains in order to get to the top of search results. Once a victim is on their fake website, they’re fooled into downloading a trojanized installer of one of many commonly searched for apps like Telegram, Deepl, Line or others.
The mimicked websites are able to deliver malware from several known families but those that have been reported include Hiddengh0st and a new Winos variant. Malicious components have been bundled into the installer packages, which appear to also download the real applications, and after launching malicious DLLs will also drop along with hidden directories, administrator privileges and functions to help the malicious code evade detection.
You may like
Dangerous Android banking trojan found lurking in malicious apps with 19 million installs — don’t fall for this
This Android malware poses as real apps to take you to dangerous sites and flood your phone with spam
This dangerous banking trojan now uses scheduled maintenance to hide its malicious activities — don’t fall for this
From there, attackers can easily collect information about the device and the victim, log keystrokes and clipboard information, load plugins for surveillance and control as well as enumerate any antivirus and security tools, or capture screen activity. The plugins that the malware can deliver also suggest the possibility that the hackers behind the attack can intercept app communications from Telegram.
How to stay safe from fake sites in search results
(Image credit: Thaspol/Adobe)
According to FortiGuard Lab’s report, this new campaign mainly targets Chinese-speaking users. Still though, SEO poisoning is a serious problem because it pushes fake sites to the top results of search rankings so that even careful internet users can be tricked if they’re not vigilant. Similar campaigns in the past have exploited top company names like PayPal, Apple, Bank of America, Netflix and Microsoft and led victims to fake sites where they were prompted to download malware. Cybercriminals have even purchased sponsored ads in order to pretend to be major brands.
To stay safe, be vigilant: Hover your mouse over the top search results to make sure they don’t contain any misspellings or odd characters. Look for any mismatches between what the result should be and what the URL leads to. Always be suspicious of any site that is promising free downloads or anything that sounds too good to be true. Likewise, If you know a company’s website already, enter it in manually in the web browser.
And to ensure safe online practices, make sure you’re protected by one of the best antivirus software solutions that’s kept up-to-date; also know how to use all its extra features like a VPN or hardened browser.
Sign up to get the BEST of Tom’s Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
Contact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.
SEO poisoning is nothing new and if there’s a chance to game the algorithm to reach the top spot in search engines, hackers are going to leverage this opportunity. That’s why it’s up to you to be extra careful online when downloading new apps or software. When in doubt, just head right to an official app store instead of trying to download new programs the old fashioned way.
Follow Tom’s Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button!
More from Tom’s Guide
Those urgent text messages aren’t from your motor vehicle department – here’s how to tell they’re fake
7 iPhone security settings you should enable right now to lock down your smartphone
Skincare giant Clarins allegedly hit in data breach with 600,000 customers exposed — what you need to know
Contract Length
Any Contract Length
12 Months Contracts
Showing 4 of 4 deals
Mac Premium Bundle
$39.99View
75% off – 1st year
Norton 360 Deluxe
McAfee+ Premium – Unlimited Devices
$49.99View
McAfee+ Premium – Unlimited Devices
$49.99View
See more Computing News
Amber Bouman
Social Links Navigation
Senior Editor Security
Amber Bouman is the senior security editor at Tom’s Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps.
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Dangerous Android banking trojan found lurking in malicious apps with 19 million installs — don’t fall for this
This Android malware poses as real apps to take you to dangerous sites and flood your phone with spam
This dangerous banking trojan now uses scheduled maintenance to hide its malicious activities — don’t fall for this
200,000 passwords, credit card data and more stolen by this dangerous new malware — how to stay safe
Beware: Hackers are using fake credit card emails to steal all your passwords
Hackers are using fake TikTok Shops to steal money and spread malware — don’t fall for this
Latest in Malware & Adware
This new Android banking trojan can automatically transfer money off your phone to hackers
Macs under attack from ‘cracked’ apps spreading dangerous info-stealing malware — don’t fall for this
Google wants to fight Android malware by making sideloading more difficult — here’s how
Dangerous Android banking trojan found lurking in malicious apps with 19 million installs — don’t fall for this
Booking.com phishing scam is infecting users with malware by using lookalike URLs — don’t fall for this
This Android spyware is posing as an antivirus app to steal your photos and passwords — how to stay safe
Latest in News
Microsoft alters how Xbox controllers access the Task menu in Windows 11 — how it works
watchOS 26 is here — and these Apple Watch models are eligible for an upgrade
YouTube video reveals new Meta smart glasses and wristband right before Meta Connect
Hackers are using Google search results to spread fake apps filled with malware — don’t fall for this
Holy forking shirtballs! Netflix is losing one of the most beloved comedy series of all time — here’s where you can watch it next
You won’t see this twist coming: Paramount Plus has the perfect psychological thriller streaming now
LATEST ARTICLES
You won’t see this twist coming: Paramount Plus has the perfect psychological thriller streaming now
Experts predict a ‘surge in rat activity this winter’ — here’s how to prepare in 5 easy steps
iPhone 17 Pro Max vs. iPhone 14 Pro Max: Time for an upgrade?
I almost got hit with a phishing attack and a malicious app last week — here’s how I knew not to click
I’ve had two hip replacements — here’s the exact mobility workout I used to get my strength back
Tom’s Guide is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.
Terms and conditions
Contact Future’s experts
Privacy policy
Cookies policy
Accessibility Statement
Advertise with us
Future US, Inc. Full 7th Floor, 130 West 42nd Street,
Please login or signup to comment
Please wait…
