Malware-infested Android apps were caught stealing money — do you have them on your phone? – Laptop Mag


What’s up with cybercriminals’ obsession with signing users up for subscriptions behind their backs? Last week, we dove into Microsoft 365 Defense Research Team’s report on toll fraud, which involved malicious actors conspiring with phone companies to keep you in the dark about secret subscription sign ups.

Now, cybersecurity firm Evina discovered eight naughty apps that employed similar tactics. All contained a malware bug called Autolycos, which enrolled users for premium services, and consequently, victims unwittingly lost money frequently; they typically didn't even know it.

Autolycos is a vicious, stealthy Android bug

Maxime Ingrao, a security researcher at Evina, found Autolycos in at least eight Google Play Store apps in June 2021:

  • Vlog Star Video Editor – 1 million downloads
  • Coco Camera v1.1 – 1,000 downloads
  • Gif Emoji Keyboard – 100,000 downloads
  • Wow Beauty Camera – 100,000 downloads
  • Funny Camera – 500,000 downloads
  • Razer Keyboard & Theme – 50,000 downloads
  • Freeglow Camera 1.0.0 – 5,000 downloads
  • Creative 3D Launcher – 1 million downloads

In total, the eight apps were downloaded three million times. According to Ingrao, malicious actors advertised their Autolycos-infested apps on social media. For instance, Facebook featured 74 ad campaigns for the Razer Keyboard & Theme app.

So what’s Autolycos’ modus operandi? As mentioned, it subscribes users to premium services, and victims are none the wiser. What’s worse is that Autolycos operates stealthily and sneakily, according to Ingrao, so its malicious presence isn’t immediately apparent. To make its actions less noticeable, it executes URL launches on a remote browser.

In some cases, the malware-infested apps requested permission to read users’ SMS content, giving the malicious software access to victims’ text messages.

Google didn’t remove the apps until the report went public

Interestingly, Ingrao told BleepingComputer that he reported his discovery to Google in June 2021, but because of the search-engine giant’s delay in eradicating the eight malicious apps from the Play Store, Ingrao simply disclosed his findings to the public on July 13.

Ingrao’s tweets must have lit a fire under Google’s butt. Six of the apps had been removed roughly six months after Ingrao first notified Google, but two remained when Ingrao tweeted about it this week. We tried to find all eight apps on the Google Play Store, but fortunately, they’ve now all been removed.

If you’re wondering how one …….