Google Play Store. Google Play Photos
Although Google regularly checks for applications in Play Store, in its online store, new threats appear from time to time for those who use Android phones. This week they appeared eight new which, together, add up more than three million downloads.
As announced by a cybersecurity researcher on Twitter, there is a new family of “malware”: Malicious programs that infect our problems and are popularly known as“ viruses ”.
These programs are made under “evil code” and are intended to perform actions against those who install them, from extracting personal information to influencing the operation of the device. They can also steal information and allow unauthorized access to third parties.
In this category enters “Autolic“, As defined by Maxime Ingrao, the researcher, who made it known on Twitter:
During a discussion with Ingrao, the researcher told specialist website Bleeping Computer that he discovered the apps in June 2021 and reported his findings to Google at that time.
Although Google acknowledged receiving the report, it took the company six months to remove the set of six, while two malicious apps remain in the Play Store to this day.
After a long time since the initial report, the investigator has publicly released his findings.
What are the applications with malware
The researcher found at least eight apps with this problem:
- Vlog Star Video Editor – 1 million downloads
- Creative 3D Launcher: 1 million downloads
- Fun Camera: 500,000 downloads
- Razer keyboard and themes – 500,000 downloads
- Wow Beauty Camera: 100,000 downloads
- Emoji Gif Keyboard: 100,000 downloads
- Freeglow Camera 1.0.0: 5,000 downloads
- Coco Camera v1.1: 1,000 downloads
How is malware
Autolycos is malware that performs invisible malicious behavior, such as running URLs in a remote browser and then including the result in HTTP requests. instead of using Webview.
This behavior is intended to make your actions less obvious and therefore undetectable by users of compromised devices.
In many cases, malicious apps requested permission to read SMS content when they were installed on the device, which allowed access to the apps SMS from the victim.
The recommendation for all Android users is to remove these applications and just in case, Check if they have installed an antivirus.
Source: Clarin