Android malware have often been found propagating via the Google Play Store. One such malware has been identified recently, which has already been installed over three million times.
Diving into details
Named Autolycos, the malware was present in at least eight Android applications on the Play Store. The applications have been listed below:
Vlog Star Video Editor - 1 million downloads
Creative 3D Launcher - 1 million downloads
Funny Camera - 500,000 downloads
Wow Beauty Camera - 100,000 downloads
Gif Emoji Keyboard - 10,000 downloads
Razer Keyboard & Theme - 50,000 downloads
Freeglow Camera 1.0.0 - 5,000 downloads
Coco Camera v1.1 - 1,000 downloads
The researcher, Maxime Ingrao, discovered the apps in June 2021 and reported his findings to Google. It took the tech giant six months to remove six and the rest two were removed recently.
Autolycos is a stealthy malware that can execute URLs on a remote browser and incorporate the result in HTTP requests instead of Webview. This ensures that the activities go unnoticed and are not detected by the victims.
The malware family promoted its apps to infect new users with various social media campaigns.
It, furthermore, made several bot reviews that are seemingly legitimate to new users.
More Android malware on Play Store
Earlier this month, Pradeo spotted four malicious apps deploying the Joker malware and serving as droppers on Google Play Store.
These apps have been installed by over 100,000 users.
Some other apps were found embedding the Facestealer and Coper malware. The former allows the attacker to pilfer Facebook credentials and authentication tokens. The latter is a banking trojan.
The bottom line
The foremost advice is to download software from only verified sources, although Play Store is not totally averse to cyberthreats. Android users are recommended to monitor data and battery consumption, enable Play Protect, and reduce the number of apps installed. Moreover, enable antivirus solutions and firewalls.