Despite Google’s measures to keep malware-infected apps out of the Play Store, the malware still seems to be leaking cracks. The latest discovery points to a malware found in 60 apps with more than 100 million downloads.Affects 60 apps
McAfee’s mobile research team discovered a third-party software library called Goldoson, which collects sensitive information and engages in ad fraud. However, the developers who use Goldoson are not even aware that they have added a malicious malware component to their program.
Once Goldoson is installed, it can collect data about apps installed on a device, the history of WiFi and Bluetooth connected devices, and nearby GPS locations. The most insidious aspect of the malware is that it can also commit fraud by clicking on advertisements in the background without the user’s consent. This is achieved by the library loading the HTML code and injecting it into a customized, hidden WebView, using it to visit multiple URLs for ad revenue without the user knowing what it is.100 million downloads
Some of the affected apps with the highest number of downloads are L.Point with L.Pay, Swipe Brick Breaker, Money Manager Expense & Budget, GOM Player, Live Score, GOM Audio, and Compass 9. More than 100 million of these apps were downloaded from the Google Play Store, while about 8 million of them were downloaded from Korea’s leading app store ONE Store. You can browse all affected apps here and uninstall if you have the app installed.
The good news is that users with Android 11 and higher operating systems are more protected from applications that try to gather information about other applications installed on the device. However, McAfee found that even with the latest version of the operating system, Goldoson was able to collect sensitive information in about 10 percent of the applications it was installed on. In the meantime, how much data will be collected depends on how much the user allows the application during the installation process.McAfee reportedly reported problematic apps to Google, and Google reportedly notified developers that their apps violated Google Play policies and needed to be fixed. Applications that did not respond to Google’s requests were removed from the Play Store, and the remaining applications were updated by their developers. We recommend that those who have installed any of these apps update their apps to their latest versions.
37484
