Google Play: Autosubscriber

July 22, 2022

I cam across a presentation available from the cyber firm Evina. “Autolycos” explains that one can / could download a malicious app from the Google Play Store. (How’s that smart software working to prevent this type of situation, Google? Hello, Google, are you there?)

The write up states:

In July 2022, a new malware family was discovered by top malware experts at Evina. This discovery is remarkable because new malware families are rarely detected (about once a year) and this specific new malware works in an entirely new way.

The operative word is “new.” Why is this important? Cyber security is a reactive business despite the marketing that says, “We predict threats before they do harm?” Well, marketing.

Among the malicious apps are:

  • CoCo Camera
  • Creative 3D Launcher
  • Freeglow Camera
  • Funny Camera
  • GIF Keyboard
  • Razer Keyboard and Theme
  • VLOG Star Video Editor
  • WOW Camera.

Aimed at younger folks? Sure looks that way;

The report points out:

The malware launches fraud attempts by . For some steps, it can execute urls on a remote browser and embed these results in the http requests. This operation is intended to make it harder for Google to differentiate Autolycos infected apps from legitimate ones. This is exactly why Autolycos remained unidentified for so long and reached over 3 million downloads.

The good news is that the apps appear to be popular outside the US, but there is tomorrow.

Stephen E Arnold, July 22, 2022

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta