Android Malware “Autolycos” sneaked its way into the play store, infecting several apps. The French security researcher of Maxime Ingrao firm Evina discovered the presence of malware earlier in June last year (2021). The malware infected eight popular apps that have 3 million downloads worldwide. The spyware was propagating a new variant of joker spyware that subscribed users to premium services and accessed the user’s internal messages. The Fraudsters who created the spyware ran several Facebook pages and ad run campaigns to trick people into downloading the malware-Induced apps.
Researchers of Malwarebytes believe the new variant to be similar to the joker variant. Ingaro, the French cybersecurity research organization, also compared the malware to the joker spyware discovered in 2019. Joker was the first malware that specializes in fleeceware, which is mobile application malware that comes with hidden excessive subscription fees. These ‘wares’ infect mobile phones to keep the user unaware and take advantage of users who do not know how to cancel a subscription to keep charging them long after they delete the application.
For More Interesting News:
The malware is still undergoing a variant mutation which makes it resistant to security walls. As pointed out by Malwarebytes “Autolycos” no longer needs WebView, which means the chance of the user understanding how it affects their device is slime, which is more threatening. There was a delay from Google’s end in removing the app, which created more users affected by the malware.
The apps that were affected
|Vlog Star Video Editor||1 million downloads|
|Creative 3D Launcher||1 million downloads|
|Wow Beauty Camera||100,000 downloads|
|Gif Emoji Keyboard||100,000 downloads|
|Freeglow Camera 1.0.0||5,000 downloads|
|Coco Camera v1.1||1,000 downloads|
|Funny Camera by KellyTech||500,000 downloads|
|Razer Keyboard & Theme by rxcheldiolola||50,000 downloads|
Pradeo researchers have also identified four new malwares that embed the Joker malware:
|Smart SMS Messages||50.000+ installs|
|Blood Pressure Monitor||10.000+ installs|
|Voice Languages Translator||10.000+ installs|
|Quick Test SMS||10.000+ installs|
How to Avoid this Malware
To avoid getting infection and fraud, users must unlist from these apps before it’s too late. Users may utilize Google Play Protect Active, and pay closer attention to apps that ask permission, such the ones that ask you to access SMS. Ensure you only install necessary apps and minimize the ones you don’t require. Users’ reviews are not always trustworthy, as authors of malware may use bots to maintain good reviews and ratings, so you must not rely on user reviews alone and focus on the negative ones. It’s always best to look out for any red flags before you install an app.