Remove these Android apps infected with Autolycos malware

Remove these sneaky malware apps from Android as soon as possible

Try it like Google. It seems that malware-infected apps cannot be prevented from invading the Play Store. Recent”Charge fraudMalware targeting older Android.Now the scammers behind the new malware species Tricked users into downloading millions of times.. Fortunately, all apps known to be infected have been removed from the Play Store, but you can still keep one of them on your smartphone.

Researcher Maxime Ingrao The first highlight of this new malware group was.. Ingrao named it “Autolycos” and claimed that at least eight Android apps packaged new malware for download by unsuspecting victims. What is the worst part? Android users have downloaded these eight apps more than 3 million times in total. So Autolycos has found a way to do it on millions of devices.

Autolycos may also be present in other apps, but these are eight titles that Ingrao has confirmed to hide malware. Listed here in descending order of the number of downloads reached before being removed from the Play Store.

• Vlog Star Video Editor: 1 million downloads
• Creative 3D Launcher: 1 million downloads

• Funny camera: 500,000 downloads
• Razer keyboard and theme: 500,000 downloads
• Wow beauty camera: 100,000 downloads
• GIF emoji keyboard: 100,000 downloads
• Freeglow Camera 1.0.0: 5,000 downloads
• Coco Camera v1.1: 1,000 downloads

Ingrao told Bleeping Computer He discovered these malicious apps and reported them to Google over a year ago., Returned in June 2021. Google reportedly confirmed that it had received Ingrao’s findings, but the company took no action for six months and still removed only six of the eight identified apps from the Play Store. When the Bleeping Computer article was published on Wednesday, July 13, two apps, Funny Camera and Razer Keyboard & Theme, were still available for download.Immediately after publication, Google removed them App too..

The main purpose of Autolycos is to sign up for premium services without the victim’s knowledge.It will be achieved This will run the URL in another remote browser, Webview.This process is designed to allow the Autolycos app to work stealth. Without warning the user.. In addition, many of these apps asked for permission to read the user’s SMS, allowing Autolycos to freely scrape the victim’s text messages.

The appeal of this particular Autolycos attack is that hackers have sold the legitimacy of the app on Facebook pages and ads on Facebook and Instagram. As Ingrao emphasized in the tweet, the Razer Keyboard & Theme app had 74 advertising campaigns and managed 500,000 downloads when everything was said.

How to protect yourself from Autolycos and other malware apps

First of all, take a closer look at the list of apps above. If installed on an Android device Delete now..Nothing is currently available for download, but it will be removed from the Play Store It does not affect apps that are already installed on your device.

From now on, please scrutinize the apps in the Play Store before downloading them to your phone. See the app name, preview image, and description. Does everything make sense for that intended app type? The description should be clear and well written, and the images should be of high quality and show off the basic features being advertised.

Scan reviews: If you find that you have a lot of bad reviews, skip the app. However, also note how positive reviews are written.in the case of All five-star reviews seem to be poorly worded or generally miss the point of the app. This is a sign that they are. Bot generation Reviews are aimed at increasing the rating of malicious and junk apps.

Most important thing, Check the permissions required by the app during installation. For example, video editors don’t have businesses that ask for permission to read SMS, but theme apps need to make their location and health data inaccessible. Avoid if you find that there are too many permissions on the list, especially if those permissions don’t match the purpose of your app.

[BleepingComputer]