Eight malware-infested Android apps downloaded over 2.75 million times
Evina security researcher Maxime Ingrao has discovered a new malware in at least eight Android applications available through Google Play Store.
Dubbed Autolycos, the malware reportedly has “stealthy malicious behaviour”, including subscribing users to premium services and executing URLs on a remote browser.
The malicious applications would also request permission to read SMS data when users install it.
The applications were collectively installed over 2.75 million times and included:
- Vlog Star Video Editor — 1 million downloads
- Creative 3D Launcher — 1 million downloads
- Funny Camera — over 500,000 downloads
- Wow Beauty Camera — 100,000 downloads
- Gif Emoji Keyboard — 100,000 downloads
- Razer Keyboard & Theme — over 50,000 downloads
- Freeglow Camera 1.0.0 — 5,000 downloads
- Coco Camera v1.1 — 1,000 downloads
Ingrao told BleepingComputer he discovered and reported the applications to Google in June 2021.
Six applications, excluding the Funny Camera and Razer Keyboard & Theme, were removed six months after Ingrao reported them.
Due to Google’s delay in removing the remaining applications, Ingrao publicly disclosed his discoveries via Twitter on 13 July.
Since BleepingComputer’s report, Funny Camera and Razer Keyboard & Theme have been removed from the Google Play Store.
Ingrao demonstrated that the creators of Razer Keyboard & Theme aggressively promoted the application with 74 ad campaigns on Facebook.
The malicious applications with fewer downloads reportedly boosted the applications’ ratings by using bots to post good reviews.
Loading ...