Google Eliminates Android Apps With Malware
Table of Contents
- By Steven
- Published: Jul 21, 2022
- Last Updated: Jul 21, 2022
Google has officially removed Android apps containing malware. The tech powerhouse eliminated the eight apps in the aftermath of a whopping three million total downloads.
Why Were the Apps Removed?
The apps in question contained Joker spyware. Joker is a malware variant that propagates within apps. The malware subscribes targets to premium services. The malware also obtains access to targets' text messages and works without the target's consent, ultimately resulting in a significant financial setback. This strategic approach to manipulation and theft is known as fleeceware or toll fraud malware.
Who Discovered the Threat?
Maxime Ingrao, an employee of Evina, a cybersecurity specialist, identified the malware that he refers to as Autolycos. Ingrao identified the apps on the website transmitting Autolycos dating back to the summer of 2021. The evildoers responsible for the threat use Facebook, displaying ads on the popular social media platform to push the malware. The cyber security specialist insists the malware is similar to Joker. Joker was initially identified in 2019. The two threats are similar in that they covertly subscribe targets to services behind paywalls, steal SMS messages, and engage in other harmful activities.
It appears as though the malware is an Android/Trojan.Spy.Joker variation of the original Joker. Joker was a serious threat as it remained hidden within ads, was secretly transmitted by harmful apps, and propagated across computers. The two forms of malware are different in terms of execution. Autolycos and Joker differed in terms of webview as well as HTTP requests. Joker functioned with a webview, meaning a component of online content such as a small segment of the app screen. Autolycos executes URLs with remote browsers containing the results. Such a design facilitates discrete activity, especially when juxtaposed with the comparatively conspicuous Joker. Joker ultimately raised alarms with detection defenses much more frequently than its successor Autolycos.
What Apps Contain Autolycos?
All in all, eight apps have Autolycos. Those apps are Funny Camera, Coco Camera, Wow Beauty Camera, Vlog Star Video Editor, Gif Emoji Keyboard, and Razer Keyboard & Theme.
How Long Did It Take for Google to Respond?
According to Ingrao, he revealed the presence of the problematic apps in the middle of July 2021. Ingrao immediately reported the issue to Google. However, it took Google six months to eliminate the half dozen apps. Malwarebytes insists Google deleted the final two apps in the middle of July. Google has not addressed why it took so long to remove the threats. Furthermore, there is the potential for similar threats to arise within new apps added to the Google Play Store. You can do your part to safeguard your computer and network by implementing the industry’s latest digital shields.
