This wallet-draining Android malware has been downloaded millions of times
Autolycos malware secretly signed victims up to premium services
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Googlehas removed eight Android apps found to be carryingmalwarefrom its mobile app store.
The apps, which include camera apps,video editors, emoji keyboards, and similar, have had more than three million downloads between them, and were reported to the company more than a year ago.
In June 2021, cybersecurity researchers from Evina tracked down the eight apps that were carrying Autolycos, adware that secretly subscribes its users to premium services and, most likely, earns commission, and reported it to Google.
Red flags everywhere
After acknowledging receiving the report, it took Google six months to act on it, the firm claimed.
Autolycos was described as malware performing “stealthy malicious behavior”, such as executing URLs on a remote browser, and then including the results in HTTPS requests, instead of Webview, to avoid detection by both users andmobile antivirussolutions.
The key red flag that could have tipped users off, that these were, in fact, malicious apps, was the fact that they requested permission to read SMS content, after installation.
Usually, permission requests are the best way to spot if an app is malicious, or not. A calculator app does not need access to the contacts list, SMS apps, or similar.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
This Android malware is so dangerous, even Google is worried>Beware - another dangerous Android malware has had millions of downloads from the Google Play Store>Here’s our take on the best antivirus solutions right now
Another red flag was user reviews on thePlay Store. While apps with fewer downloads did have better reviews, thanks to bots, those with more downloads have had plenty of disgruntled and unsatisfied customers expressing their opinions in the comments section.
Autolycos’ operators used social media channels, such as Facebook, to promote and distribute their apps. Just one out of the eight apps discovered has had 74 ad campaigns on Facebook alone.
Users can monitor suspicious mobile apps by keeping tabs on background internet data and battery consumption. Furthermore, all Android users should keep Play Protect enabled, and make sure they never download apps from unverified sources. Even when downloading from the Play Store, make sure to read the reviews.
Via:BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
Quordle today – hints and answers for Saturday, November 9 (game #1020)
