Undoubtedly, Android is one of the malware-prone performing systems. Despite Google’s safety standards, it is not deniable that Android devices still get malware or get compromised. Now, malware named Autolycos has created its path to the Google Play Store and is bundled with eight well-known apps on the Play Store, resulting in over 3 million downloads.
The malware named Autolycos was found by security researcher Maxime Ingrao and was first registered by Bleeping Computer. The malware is present in at least eight Android apps, which Google has now taken down for further prevention. According to the reports, Google took six months to take down these eight applications from the initial revelation of the information.
The malware operates by running URLs on a remote browser and injecting it on HTTP requests rather than loading an external WebView. It also asks consent to read SMS content so that the contaminated apps can access your text messages, which means attackers can potentially pilfer sensitive data like bank details or one-time passwords (OTP).
On Social Media, the infected apps were widely promoted where they reached the user through different ad campaigns. These apps offered varied services such as launcher apps, keyboard themes, camera apps with filters, and the likes. Two of the eight apps that were found contaminated had more than a million downloads per app.
Following are a few of those apps that have been discovered as malicious on the Google Play Store:
- Vlog Star Video Editor (1 million downloads)
- Coco Camera v1.1 (1,000 downloads)
- Gif Emoji Keyboard (100,000 downloads)
- Creative 3D Launcher (1 million downloads)
- Wow Beauty Camera (100,000 downloads)
- Freeglow Camera 1.0.0 (5,000 downloads)
- Razer Keyboard & Theme (10,000 downloads)
- Freeglow Camera 1.0.0 (5,000 downloads)
Uninstall the app immediately; if you have downloaded any of these. Additionally, users can go into their file location and search with the application name. If you locate a folder or any file linked to the app, you should delete that and restart your smartphone once done with the process. Users are also suggested not to download apps running on social media ads unless it is from a renowned developer.
For more informative content on the tech & programming sphere, head to ForceBolt’s YouTube Channel, and don’t forget to hit the subscribe button. Follow us on LinkedIn, Facebook, and Instagram to stay updated with the latest technology news.
Kishor Kumar
Full Stack Technical Lead
A well-versed Senior Full Stack Developer who has the expertise of providing front-end and back-end development services. He is an effective and efficient personnel who knows how to make the right technical decisions at the right time. He understands the basics of working collaboratively with stakeholders, engineers, executives, and end-users to bring the ideas to life. He is a top-performer and motivator who has the added advantage of technology as leverage to achieve timely results.
