At least eight apps robot, some of which have been installed millions of times, had a hidden virus. The site explains that this malware can engage users in paid services without them even realizing it BleepingComputer.com This is Wednesday. Maxime Ingrau, Researcher at cyber security Working for Evina, he discovered this malware, dubbed Autolycos, in June 2021.
According to him, this virus Execute the URLs through a different browser than the victims’ browser, before including the result in HTTP requests. The process was done without going through Webview, the program that allows Android apps to access web pages. This privacy made its actions very difficult for users to discover. The malware allowed access to text messages from the target user’s phone.
Google’s reaction was slow
And so Autolycos spread across several ad campaigns promoting the apps he was hiding on Facebook. In addition, bots have ensured that these apps always rank well. Eight of them have been downloaded nearly three million times in total. These are Vlog Star Video Editor, Creative 3D Launcher, Funny Camera, Wow Beauty Camera, GIF Emoji Keyboard, Razer Keyboard & Theme, Freeglow Camera 1.0.0 as well as Coco Camera v1.1.
Upon discovery, Maxime Ingrao alerted Google. But six of the apps in question were not deleted until January 2022. On the other hand, the last two were still available on the Play Store until recently. The company then acted after the researcher announced the existence of Autolycos to the public. People who have downloaded any of these apps should remove them immediately and check the services they have subscribed to.
“Incurable web evangelist. Hipster-friendly gamer. Award-winning entrepreneur. Falls down a lot.”