Another 13 Android apps have “pierced” the Play Store and have been downloaded hundreds of thousands of times with, inside, a dangerous virus.
New year, old threats: The cybersecurity company McAfee has found 13 other infected apps dangerous for those who download them on Google’s Play Store, which had passed the checks of the Android app store without significant problems.
But that’s not all: among these apps, there is even one that had already been “pinched” four years ago, republished after a quick restyling to camouflage it. These apps had the Android/Xamalicious trojan, capable of thoroughly spying on the phone and the user.
As is often the case when infected apps are discovered, there is a little bit of everything in between: from games to utilities, from horoscopes to graphics apps. This was also the case this time, and McAfee has released the list of infected apps:
All these apps were present on Google’s Play Store, and, most likely, they are still present in other alternative stores where the security controls are less than those put in place by Google through the Play Protect system.
According to McAfee, the bulk of downloads of these apps took place in South America, but the United States and Europe are also affected by the problem.
One such app, “LetterLink,” is a copy of 2019’s “Cash Magnet,” a scam app that used infected phones to open banner ads in the background.
Also Read: How To Stop Android Apps From Tracking Your Location
Android/Xamalicious is a trojan, a malware that sneaks into your smartphone using encryption techniques to disguise its presence and bypass security controls.
Once inside the phone, however, it takes advantage of the Android app permissions system to gain the ability to spy on the device and, consequently, the user.
Every Android app, even the “clean” ones, asks the user for some permissions during installation to access parts of the device that it needs to function. A photo app, for example, will ask for access to your phone’s camera and storage space. Infected apps usually also ask for what they shouldn’t theoretically ask for; if they get permission, they start spying on the user.
McAfee gives the example of the permissions required by the Numerology: personal horoscope & number predictions app, which include the ability to read and control what appears on the screen and what the user does with other apps through the ability to “track your interactions with an AP or hardware sensors, and interact with apps on your behalf.”
It is clear that if an infected app has these permissions, the Trojan it hides can do whatever it wants on the phone.
McAfee found Android/Xamalicious in 13 infected apps, published months ago on the Play Store and then removed by Google, following a report by the cyber security company.
In such cases, the Google Play Protect system autonomously uninstalls infected apps discovered after phone publication without user intervention. But if the user downloaded the app from other sources, such as third-party stores, the Play Protect won’t work, and the app will remain on the phone.
Even Play Protect, however, sometimes does not work 100%. For this reason, our advice is always to check if one of the infected apps is discovered on your phone and, if there is, remove it as soon as possible and then install a good antivirus and thoroughly scan all the files on the device.
With the digital marketplace expanding rapidly, robust search engine optimization (SEO) strategies become crucial for…
The industry of gaming has become a global powerhouse with millions of users across the…
In the shifting sands of healthcare, the stalwart of patient outcomes often rests on the…
Key Takeaways The evolving role of HR is critical in aligning workplace practices with broader…
Everyone wants Instagram followers, likes, and views since they represent your popularity and whether your…
In today's digital age, it seems there's a mobile application for everything, with nearly nine…