Months after the complaint, the Google Play platform eliminated these ‘apps’, which subscribed their victims to premium services without their consent.
Maxime Ingrao, a security researcher at the French company Evina, has detected in Android eight applications with ‘malware’, which accumulate around 2,756,000 downloads, reported last week on his Twitter account.
Specifically, the new family of malicious programs, baptized with the name ‘Autolycos’, executed connections to various URLs in a remote browser and then included the result in HTTP requests, instead of using a Webview, with the aim of subscribing its victims to premium services without their consent.
They used Facebook and Instagram
“To promote the applications, the scammers create several Facebook pages and post ads there and on Instagram,” explained Ingrao, who explained that he had evidence of at least 74 advertising campaigns for just two of the ‘apps’.
In many cases, the malicious applications requested permission to read the content of the SMS when installed on the device, which allowed them to access the content of the text messages of the affected phone.
Furthermore, although some ‘apps’ had received negative evaluations on Google Play, those that had less downloads ma They had a good rating there due to the profuse activity of bots, which generated false reviews.
The ‘malware’ ‘app’, which at the time of writing this article have already been removed from the platform Google Play, they are as follows: ‘Vlog Star Video Editor’, ‘Creative 3D Launcher’, ‘Funny Camera’, ‘Wow Beauty Camera’, ‘Keyboard Gif Emoji’, ‘Razer Keyboard & Theme’, ‘Freeglow Camera 1.0.0’ and ‘Coco Camera v1.1’.
According to the security researcher himself told Bleeping Computer, it was already in June 2021 that he discovered these applications. He immediately reported it to Google, but the US company took six months to eliminate six of them, while the remaining two were deleted this July.
The portal, specialized in technology, recommends all Android users to monitor background internet data and battery consumption, keep Play Protect active and try to minimize the number of apps they install on their smartphones, to stay safe from this type of malware. threats.