Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

This dangerous new Android malware has infiltrated apps with over 100 million installs

Samsung Galaxy S23 hands on display macro

In the latest example of supply chain attack shenanigans, unnamed hackers have reportedly managed to compromise 100 million Android devices with data-harvesting malware.

Cybersecurity researchers from McAfee recently discovered a third-party library that they dubbed Goldoson.

The library was added to 60 extremely popular Android apps that users can download via the Play Store and the OneStore (Play Store’s biggest competitor in South Korea). The library was malicious and collects data on installed apps, data on Wi-Fi- and Bluetooth-connected endpoints, and GPS location data.

Adware

The researchers describe Goldoson as “privacy-invasive and clicker Android adware”, as it can click on ads in the background, without the device owner’s consent. The targets are mostly South Korean, it would seem. 

Some of the most popular Android apps that fell prey to this attack are L.POINT with LPAY, Swipe Brick Breaker, and Money Manager Expense & Budget, all of which have in excess of 10 million downloads. 

Then there’s GOM Player, LIVE Score, Real-Time Score, and Pikicast, with five million downloads each, and a handful of other apps with more than a million downloads. 

The amount of data stolen from a device depends on the permissions each app has on the smartphone. According to BleepingComputer, Android 11 and newer versions are better protected against arbitrary data collection, but even in that case, McAfee found Goldoson being able to extract data in 10% of the apps. 

The researchers notified Google about their findings which, in turn, raised the question with the apps’ developers, who were told their apps now violated Google Play policies. While most developers acted promptly and updated their apps to remove the malicious content, some failed to respond. Google removed these apps from the app repository, it was said. 

Therefore, to stay safe from malicious adware and data-harvesting malware, make sure to update your apps to the latest version. If some of your apps are no longer available on the Play Store, it might be best to remove them.

Via: BleepingComputer

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.