Friday, July 15, 2022

Autolycos Android Malware Attracted Big Downloads On Play Store


Heads up, Android users! Researchers have discovered a new Android malware in the wild that even appeared on the Google Play Store. Identified as “Autolycos”, this Android malware impersonated several apps to surface on the Play Store and garner huge downloads.

About Autolycos Android Malware

Through a recent Twitter thread, security researcher Maxime Ingrao from Evina Safety shared details about a new malware campaign targeting Android users.

The researcher named the malware “Autolycos,” which ran dedicated infection campaigns in the wild impersonating different apps. While that’s obvious for mobile malware, what made Autolycos dangerous is its appearance on the official Google Play Store.

Despite Google’s robust security checks, Autolycos malware succeeded in intruding into the Play Store to lure users. Such intrusions suggest that Android users cannot blindly trust the apps on the Play Store either unless they know the app developer.

Ingrao explained that the malware existed on the Play Store via at least 8 different apps since June 2021. All of these apps attracted a huge number of downloads, two of which even boasted over 3 million installs.

This malware sneakily subscribes the victims to premium services (hence behaving as fleeceware). In this way, it draws money from the victims while staying under the radar, making it difficult for the victim to detect and stop the infection.

Regarding how the malware works, the researcher stated in his tweet,

It retrieves a JSON on the C2 address: 68.183.219.190/pER/y
It then executes the urls, for some steps it executes the urls on a remote browser and returns the result to include it in the requests
This allows it to not have a Webview and to be more discreet

To add legitimacy to the malicious apps distributing the malware, the threat actors behind Autolycos malware have also set up dedicated social media pages for promotions.

More technical details about the malware and its campaigns in the wild are available in Evina’s detailed report.

Some Malicious Apps Still Exist

After detecting the malware, the researcher reported the malicious apps to Google for subsequent action. The researcher has shared the list of those apps in this tweet.

Ironically, it took the firm several months to remove these apps. Nonetheless, one of them, “Humorous Digicam” (com.okcamera.humorous), continues to exist on the Play Store.

This means users must remain very careful when encountering this app. Also, if they’ve downloaded any of the malicious apps, users should rush to delete them from their devices. As a precaution, users should always avoid downloading apps from unknown, untrusted, or new developers, even if they boast huge downloads or reviews.


