9 Million Android Phones Running Malware Apps from Huawei's AppGallery
At least 9.3 million Android devices have been infected by a
new class of malware that disguises itself as dozens of arcade, shooter, and
strategy games on Huawei's AppGallery marketplace to steal device information
and victims' mobile phone numbers.
The mobile campaign was disclosed by researchers from Doctor
Web, who classified the trojan as "Android.Cynos.7.origin," owing to
the fact that the malware is a modified version of the Cynos malware. Of the
total 190 rogue games identified, some were designed to target Russian-speaking
users, while others were aimed at Chinese or international audiences.
Once installed, the apps prompted the victims for permission
to make and manage phone calls, using the access to harvest their phone numbers
along with other device information such as geolocation, mobile network
parameters, and system metadata.
"At first glance, a mobile phone number leak may seem
like an insignificant problem. Yet in reality, it can seriously harm users,
especially given the fact that children are the games' main target
audience," Doctor Web researchers said.
"Even if the mobile phone number is registered to an
adult, downloading a child's game may highly likely indicate that the child is
the one who actually using the mobile phone. It is very doubtful that parents
would want the above data about the phone to be transferred not only to unknown
foreign servers, but to anyone else in general."
While the malware-laced apps have since been purged from the
app stores, users who have installed the apps on their devices will have to
manually remove them to prevent further exploitation.
Comments
Post a Comment