Android device users have been cautioned about two new malware varieties known as CherryBlos and FakeTrade. These malicious programs are spreading through 31 different applications, stealing users' passwords. While they have been discovered on the Google Play Store, they can also be found on various social media platforms, including YouTube, Twitter, and Telegram. Users who have downloaded these apps should remove them immediately to ensure their account security, considering their passwords could be at risk or might have been stolen already.

The CherryBlos and FakeTrade malware were first identified by cybersecurity company Trend Micro. The firm outlined that the CherryBlos malware variant has been infecting devices since April. The culprits behind these malware operations cleverly inject them into numerous applications. These apps are often seen as shopping or money-making applications and some even impersonate legitimate businesses and ChatGPT services.

Fortunately, these infected apps have only been downloaded a few thousand times in total before Google detected and removed them from the Play Store. It's crucial to note that if a user has downloaded one of these apps, they need to manually uninstall it from their device. Otherwise, their personal information, particularly passwords, could be compromised if it hasn't been compromised already.

CherryBlos uses various strategies to steal passwords, as stated by TrendMicro. The primary method involves using false overlays that appear atop genuine banking and cryptocurrency apps. As a result, when users input their account details, they inadvertently send their passwords directly to the culprits behind the malware attack. Hackers also employ optical character recognition (OCR) technology to pilfer passwords from screenshot images stored in victims' photo galleries.

The list of 28 scam applications spreading the Faketrade malware comprises Ama BBShop, Canyon Compass, Domo Envoy, Fiar FIRETOSS, Gobuy Godo, Goshop Huge, Koofire, Leefire, Moshop NTBuy, OneFire, Papaya Pudding, Saya, Sengre, Smartz Tango, Timeshop Tinuiti, Upwork WebFX, and Youtech. On the other hand, the CherryBlos malware variation can be found in applications such as GPTalk, Happy Miner Robot 999, and SynthNet. It is advisable for all Android users to stay vigilant and maintain the security protocols to mitigate the risks associated with these cyber threats.