According to a new report from Bleeping Computer, a newly-discovered Android malware was downloaded over 3 million times. It has appeared in a number of apps, which, in total, have over 3 million downloads.
Newly-discovered Android malware managed to rack up over 3 million downloads
This malware is named ‘Autolycos’, and it was discovered by Evina’s security researcher, Maxine Ingrao. It was spotted in eight applications, two of which are still available in the Google Play Store, as of writing this article.
The two remaining apps are ‘Funny Camera’ by KellyTech, which has over 500,000 installs, and ‘Razer Keyboard & Theme’ by rxcheldiolola, which was downloaded over 50,000 times.
The other six apps have been removed from the Google Play Store. If you do still have them installed, though, you should remove them. You can see a list of those down below.
- Vlog Star Video Editor (com.vlog.star.video.editor) – 1 million downloads
- Creative 3D Launcher (app.launcher.creative3d) – 1 million downloads
- Wow Beauty Camera (com.wowbeauty.camera) – 100,000 downloads
- Gif Emoji Keyboard (com.gif.emoji.keyboard) – 100,000 downloads
- Freeglow Camera 1.0.0 (com.glow.camera.open) – 5,000 downloads
- Coco Camera v1.1 (com.toomore.cool.camera) –1,000 downloads
It took Google six months to remove 6 out of 8 of these apps
Having said that, Ingrao discovered this way back in June 2021. He reported his findings to Google back then, but it took Google a lot of time to react. It took the company six months to remove the six apps listed above, says Bleeping Computer.
The researchers waited for a long time to disclose the information, mainly due to Google. It would have come sooner if Google reacted faster and removed said apps.
So, what exactly is ‘Autolycos’? It is malware that works in the background, and does malicious things. It can execute URLs on a remote browser and include the result in an HTTP request instead of using Webview.
By doing that, it aims to avoid being spotted by users, and in many cases, it requests SMS permission upon app installation. That way, it gains access to your SMS text messages.
To make things worse, these apps got advertised quite a bit. Ingrao spotted 74 ad campaigns on Facebook for the Razer Keyboard & Theme alone.
Many of those apps had horrible reviews on the Play Store, though those with fewer downloads did not. So, that was not exactly a red flag either, as they had plenty of bot reviews, it seems.