Cybersecurity researchers discovered eight fraudulent apps that stole users’ texts and money, and they stressed the need to delete them immediately.
With a total of 700,000 installations, the malware has been rolled out as wallpapers, keyboard covers, photo editors, and other camera related apps.
Intervals Cybersecurity giant McAfee, In a blog post on Monday, the apps are listed on the Google Play Store in the Arabian Peninsula and Southwest Asia.
Thankfully, Google removed it from the store after receiving reports from McAfee.
“A new wave of fraudulent apps has made its way into the Google Play Store. Malware included in these fraudulent apps hijacks SMS notifications and then makes unauthorized purchases,” said researchers Sang Ryul Ryu and Shanan Pak.
Applications are subject to a review process before they are allowed into the Google Play Store, but fraudsters have found an easy way to overcome this.
To bypass the “google guards,” the apps were initially presented as “clean” apps before the malicious code was added through a series of updates.
The attackers then make purchases with the victim’s credit card, making the purchase a big deal.
McAfee calls Android / Etinu malware. Although they have been removed from the Google Play Store, the applications may still be on your phone.
And if any of the following are lurking in your application library, be sure to delete them:
– org.my.f Favorites.up.keypaper
The American company advised users of the “Google Play” store to monitor the permissions requested by the applications when they are downloaded.
“It is important to pay attention to applications that request SMS and notification listener permissions,” the researchers wrote.
Source: The Sun