Three million Android users may have lost money and had their devices infected with spyware, after the official Google Play store was discovered to be distributing apps infected with a new family of malware.
French security researcher Maxime Ingrao described last week on Twitter how he discovered the new malware, named “Autolycos”, and how it signed users up to premium services.
The Autolycos malware, which shares similarities with the Joker spyware, spies on SMS messages, contact lists and device information, and subscribes unsuspecting users to expensive Wireless Application Protocol (WAP) services.
Affected apps include KellyTech’s Funny Camera (which has been installed over 500,000 times from the Google Play Store) and rxcheldiolola’s Razer Keyboard & Theme (over 50,000 installs).
Other malicious apps, which have since been removed from the Google Play Store, include:
- Vlog Star Video Editor (1 million installs)
- Creative 3D Launcher (1 million installs)
- Wow Beauty Camera (100,000 installs)
- Emoji Gif Keyboard (100,000 installs)
- Freeglow Camera (5,000 installs)
- Coco Camera v1.1 (1,000 installs)
According to Ingrao, some of the malicious apps were promoted to the public through Facebook and Instagram ads.
Ingrao says the apps poisoned by Autolycos have been available on the official Android Market since June 2021, during which time they were installed more than three million times, but were only recently taken down by Google. Questions will inevitably be asked about whether Google sufficiently verifies the apps made available to millions of users through its marketplace.
As we mentioned earlier, all Android users should follow certain steps to reduce the risk of encountering malware. These include:
- Keep your Android device updated with the latest official security patches.
- Enable Google Play Protect – Google’s built-in malware protection for Android, which automatically scans your device.
- Download your apps from official sources, such as the Google Play Store, not unofficial app stores. It wouldn’t have helped in this particular case, but in general, the Google Play Store is considered safer than third-party marketplaces.
- Check an app’s reviews before downloading it, but keep in mind that there have been cases where criminals have posted fake reviews in an attempt to trick users into thinking an app can be considered safe.
- Consider carefully whether you need to accept the permissions an application requests during installation.
- Consider running an antivirus program from a legitimate security company on your Android device.
Editor’s note: The views expressed in this guest author article are solely those of the contributor and do not necessarily reflect those of Tripwire, Inc.