Fake antivirus app delivers Android malware threat to mobile devices
Fake antivirus app delivers Android malware threat to mobile devices
https://www.foxnews.com/tech/android-malware-hidden-fake-antivirus-app
Publish Date: 2026-02-14 14:22:00
Source Domain: www.foxnews.com
NEWYou can now listen to Fox News articles!
If you use an Android phone, this deserves your attention. Right now, cybersecurity researchers warn that hackers are using Hugging Face, a popular platform for sharing artificial intelligence (AI) tools, to spread dangerous Android malware. At first, the threat appears harmless because it is disguised as a fake antivirus app. Then, once you install it, criminals gain direct access to your device. Because of this, the threat stands out as especially troubling. It combines two things people already trust: security apps and AI platforms.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
MALICIOUS GOOGLE CHROME EXTENSIONS HIJACK ACCOUNTS
Researchers say hackers hid Android malware inside a fake antivirus app that looked legitimate at first glance. (Kurt “CyberGuy” Knutsson)
What Hugging Face is and why it matters
For anyone unfamiliar, Hugging Face is an open platform where developers share AI, NLP and machine learning models. It is widely used by researchers and startups and has become a central hub for AI experimentation. That openness is also what attackers exploited. Because Hugging Face allows public repositories and supports many file types, criminals were able to host malicious code in plain sight.
The fake antivirus app behind the attack
The malware first appeared in an Android app called TrustBastion. On the surface, it looks like a helpful security tool. It promises virus protection, phishing defense and malware blocking. In reality, it does the opposite.
Once installed, TrustBastion immediately claims your phone is infected. It then pressures you to install an update. That update delivers the malicious code. This tactic is known as scareware. It relies on panic and urgency to push users into tapping before…
