According to PhoneArena , Goldoson infects these Android apps due to an accidental action by app developers, when they use third-party libraries with malware components. These components are known to be used by app developers to save time needed in developing certain parts of the app.
Multiple apps containing Goldoson malware have been installed more than 10 million times
Goldoson was discovered by researchers at security firm McAfee. The report said that Goldoson can collect a list of applications installed on a mobile device, the names of connected devices that sync with the phone via Bluetooth and Wi-Fi, as well as nearby GPS locations. Additionally, the malware can commit ad fraud by clicking on ads that run in the background without the user's consent.
Google and developers have been notified of the malware. Many of the affected apps have been removed by their developers, while others that did not remove the malware from their apps have been removed by Google from the Play Store. Some of the apps with over 10 million installs that have had the malware removed include L.POINT with L.PAY, Money Manager Expense & Budget, TMAP, and Genie Music. Meanwhile, Swipe Brick Breaker, which had over 10 million installs, has been removed for not making changes. A detailed list can be found on McAfee's website.
Experts also warn that even if the apps have been removed from the malware by the developer and passed Google's safety test, that doesn't mean they can't steal personal data or commit advertising fraud. Users are advised to uninstall them from their devices before reinstalling the latest version from the Play Store.
Besides, Android users are advised not to install apps from an unknown developer and check reviews from people with real-life experience before using the app.
Source link
Comment (0)