It preyed on victims via Facebook ads
Android is definitely not a malware-free platform. If you stumble onto the wrong website and download the wrong APK, things can go haywire pretty quickly. But it's generally accepted that as long as you get your apps from the Google Play Store, you should be mostly free from malware, especially with initiatives like Play Protect that are supposed to scan for any hidden baddies. Still, the occasional virus makes its way past Google's firewall and onto users' phones. One specific piece of malware, dubbed Autolycos, was bundled in a number of popular apps in the Play Store, resulting in it being downloaded over 3 million times.
The malware was discovered by security researcher Maxime Ingrao (via BleepingComputer). It was present in at least eight applications, all of which have been taken down by Google as of the time of writing — although it reportedly took the company six months to take action from the initial acknowledgment of the report.
The way it works is that, if left to run, the malware executes URLs on a remote browser and injects the result into HTTP requests instead of loading an external WebView. It also requests permission to read SMS content, so the infected apps can read your text messages, giving them leeway to steal things like one-time password codes.
The malicious apps are widely promoted through social media, where they reach users via ad campaigns, most of them on Facebook. Users are lured into downloading them with the promise of keyboard themes, nice-looking launcher apps, and camera apps with cool filters. In that regard, they're effective, with two of these apps reaching over a million downloads apiece.
Infected apps, which have all been taken down from the Play Store, include:
- Vlog Star Video Editor (com.vlog.star.video.editor, 1 million downloads)
- Creative 3D Launcher (app.launcher.creative3d, 1 million downloads)
- Wow Beauty Camera (com.wowbeauty.camera, 100,000 downloads)
- Gif Emoji Keyboard (com.gif.emoji.keyboard, 100,000 downloads)
- Razer Keyboard & Theme (com.razer.keyboards, 10,000 downloads, not related to the gaming/tech company Razer)
- Freeglow Camera 1.0.0 (com.glow.camera.open, 5,000 downloads)
- Coco Camera v1.1 (com.toomore.cool.camera, 1,000 downloads)
If you've (unfortunately) downloaded any of the above apps after you saw it in a Facebook ad, uninstall it right now. Also, don't download apps from ads, full stop — especially if you don't know the developer.
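To check a phone against the list above, here is an added example (not from the article or the researcher) that parses `adb shell dumpsys package` output, flags the package IDs listed here, and also flags any app that requests SMS-read permissions. The sample input is constructed and the `com.example.*` names are hypothetical.

```python
import re

# Package IDs of the apps listed in this article.
LISTED = {"com.vlog.star.video.editor", "app.launcher.creative3d",
          "com.wowbeauty.camera", "com.gif.emoji.keyboard", "com.razer.keyboards",
          "com.glow.camera.open", "com.toomore.cool.camera"}
SMS_PERMS = {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"}

def requested_permissions(dumpsys_text):
    """Map each package in `dumpsys package` output to its requested permissions."""
    perms, pkg, in_section = {}, None, False
    for line in dumpsys_text.splitlines():
        header = re.match(r"\s*Package \[([\w.]+)\]", line)
        entry = re.match(r"\s+([\w.]+\.[\w.]+)(?::\s.*)?$", line)  # "a.b.PERM[: flags]"
        if header:
            pkg, in_section = header.group(1), False
            perms[pkg] = set()
        elif line.strip() == "requested permissions:":
            in_section = pkg is not None
        elif in_section and entry:
            perms[pkg].add(entry.group(1))
        else:
            in_section = False  # any other line ends the section
    return perms

def triage(dumpsys_text):
    """Return {package: [reasons]}; an SMS hit is a prompt to review, not a verdict."""
    findings = {}
    for pkg, perms in requested_permissions(dumpsys_text).items():
        checks = {"listed in article": pkg in LISTED,
                  "requests SMS access": bool(perms & SMS_PERMS)}
        reasons = [name for name, hit in checks.items() if hit]
        if reasons:
            findings[pkg] = reasons
    return findings

# Constructed sample, shaped like `adb shell dumpsys package` output.
SAMPLE = """\
  Package [com.gif.emoji.keyboard] (1a2b3c):
    requested permissions:
      android.permission.READ_SMS
    install permissions:
      android.permission.INTERNET: granted=true
  Package [com.example.flashlight] (4d5e6f):
    requested permissions:
      android.permission.RECEIVE_SMS: restricted=true
  Package [com.example.notes] (7a8b9c):
    requested permissions:
      android.permission.INTERNET
"""
```

Legitimate messaging apps also request these permissions, so an SMS-only hit on a keyboard, launcher or camera app is what deserves the closer look.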