CallPhantom Google Play fraud campaign targeting Android users in India and Asia-Pacific
Campaign
Summary
Hide ▲
Show ▼
The CallPhantom fraud campaign pushed 28 fake call-history Android apps through the Google Play Store, causing financial loss for users who paid for fabricated data. The apps collectively drew more than 7.3 million downloads before removal, with one app exceeding 3 million installs. The operation primarily targeted Android users in India and the broader Asia-Pacific region. Evidence suggests the activity may have been active since at least November 2025.
Related Happenings
Premium Deception Android malware campaign
Campaign
First: 20.05.2026 18:30
Last: 20.05.2026 18:30
Sources 1
About this happening:
The **Premium Deception** campaign used **nearly 250 fake Android apps** to enroll victims in premium mobile billing subscriptions, creating direct fraud risk across multiple coun...
Premium Deception Android malware campaign
CampaignAbout this happening: The **Premium Deception** campaign used **nearly 250 fake Android apps** to enroll victims in premium mobile billing subscriptions, creating direct fraud risk across multiple coun...
Android 17 expands platform security and privacy protections
Security Tool/Service
First: 12.05.2026 20:00
Last: 12.05.2026 20:00
Sources 1
About this happening:
**Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...
Android 17 expands platform security and privacy protections
Security Tool/ServiceAbout this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...
TrickMo C TikTok-lure campaign targeting banking and wallet users in France, Italy, and Austria
Campaign
First: 11.05.2026 18:15
Last: 11.05.2026 18:15
Sources 1
About this happening:
The **TrickMo** operators ran an active **TikTok-themed** campaign between **January and February 2026**, targeting **banking and wallet users** in **France, Italy and Austria**....
TrickMo C TikTok-lure campaign targeting banking and wallet users in France, Italy, and Austria
CampaignAbout this happening: The **TrickMo** operators ran an active **TikTok-themed** campaign between **January and February 2026**, targeting **banking and wallet users** in **France, Italy and Austria**....
Google expands Binary Transparency for Android for production app verification
Security Tool/Service
First: 06.05.2026 12:13
Last: 06.05.2026 12:13
Sources 1
About this happening:
Google expanded **Binary Transparency for Android**, adding a public verification system that helps detect unauthorized or modified Google app binaries. The rollout covers product...
Google expands Binary Transparency for Android for production app verification
Security Tool/ServiceAbout this happening: Google expanded **Binary Transparency for Android**, adding a public verification system that helps detect unauthorized or modified Google app binaries. The rollout covers product...
Google overhauls Android and Chrome bug bounty programs
Commercial Activity
First: 05.05.2026 14:24
Last: 05.05.2026 14:24
Sources 1
About this happening:
**Google** overhauls its **Android and Chrome** vulnerability rewards programs, reshaping payout tiers for **exploit research** and raising top rewards to **$1.5 million**. The ch...
Google overhauls Android and Chrome bug bounty programs
Commercial ActivityAbout this happening: **Google** overhauls its **Android and Chrome** vulnerability rewards programs, reshaping payout tiers for **exploit research** and raising top rewards to **$1.5 million**. The ch...
Timeline
-
08.05.2026 18:08 2 articles · 19d ago
Initial report: CallPhantom Google Play fraud campaign targeting Android users in India and Asia-Pacific
Initial DisclosureThe operation began by publishing fake call-history utilities that appeared legitimate but required payment to reveal fabricated results. Early variants used trust-building branding and subscription prompts to convert installs into fraud revenue.
Show sources
- Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08
- Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads — thehackernews.com — 08.05.2026 18:08