Delete these 8 Android apps immediately, will steal your personal information

A new malware has been found in the eight Android apps at the Google Play Games Store, which users give them a premium service membership without using users. These eight apps had been downloaded more than 3 million (3 million). A security researcher gave information about this malware through a tweet, in which he named this malware ‘Autolycos’. It was also reported in the tweet that only six of these eight apps were removed on Google Play Store since 2021. However, currently these eight apps have been removed from the store.

The Maxim Ingrao, a security researcher at the cybercaturality firm Evina, on Wednesday, informed through a tweet thread on Wednesday that he discovered a malware named ‘Autolycos’, which was present in at least 8 Android applications. Autolycos is a malware, which secretly works such as executing the URL on the remote browser with an incorrect intention and then using the webview instead of including the results in the http request. Apart from this, it also achieves permission to read SMS through malware apps, through which the user’s personal information is stolen.

In tweet thread, the researcher said that this malware was present in eight apps, including Vlog Megastar Video Scribbler, Inventive 3-D Launcher, Wow Attractiveness Digital Camera, GIF Emoji Keyboard, Freeglow Digital COCORA Digital camera V1.1 includes. All of them were downloaded more than 30 lakh times. In the tweet, the researcher said that two of these apps were not removed by tweet time. However, currently both these apps are not present on the Google Play Games, which means that Google has removed the apps from the store after the tweet.

Bleepingcomputer was told by researcher Ingrao that he had detected these apps in June 2021 and shared his investigation with Google at that time. He also reported that Google had also accepted the matter of receiving his report, but still it took the company six to one year to remove these apps.

As we mentioned, Autolycos is a malware, which secretly works such as executing the URL on the remote browser with an incorrect intention and then using the webview instead of including the results in the HTTP request. In addition, in many cases, when installed on the apps equipped with this malware, SMS also sought permission to read content, which would provide access to the SMS of target to the apps.

Bleepingcomputer’s report further states that to promote apps to new users, Autolycos operators also launched several advertisements on social media. For the Razer Keyboard & Theme app alone, the researcher Ingrao detected 74 advertising campaigns on FB.

In addition, when some of these malware apps get a negative review on Play Games Collect, they maintained good user ratings through bot review.