Another worst Android malware was found on Google Play Store this month, with an infection over 21.1 million devices from dangerous malware family.
According to researchers from Check Point, they have found the second-biggest outbreak ever to hit Google’s platform. The malware’ been dubbed ExpensiveWall after hiding inside wallpaper apps. The researchers warned it sent fraudulent premium text messages and charged for the fake not existing services.
Researchers from Check Point detected, ExpensiveWall infected at least about 50 apps, which were downloaded between 1 million and 4.2 million times, according to data from Google Play Store. A previous sample of the worst android malware, discovered by McAfee, was installed between 5.9 million and 21.1 million.
That’s big numbers, but not quite the stratospheric heights of the Judy malware, which infected Android in May and was downloaded about 36 million times, though it was in fewer apps on the Google Play, as the tech giant had to throw 40 off its store.
Regarding the biggest ever Android malware, Check Point firm researcher Daniel Padon told Forbes that ExpensiveWall was probably second only to Judy malware, though he could not put an estimate on how much the scammers made in the latest explosion in text messages fraud.
Check Point disclosed its ExpensiveWall findings to Google on August 7, 2017. Google team removed incriminating apps, though the cyber criminals moved quickly, uploading another sample of the worst android malware to Google Play Store that infected at least 5,000 smartphones before being removed four days later.
The malware ExpensiveWall doesn’t just steal victim’s money, and it also grabs data from the infected smartphones, including location and IP address. It could also force people to click on online ads, another money-making scheme, as the cyber criminals were at the end of the pay-per-click ad chain.
The Check Point said in a blog post that malware ExpensiveWall was able to find a sneaky way onto Google Play by using encryption techniques to hide its malicious code. The researchers think ExpensiveWall has distributed through some advertising over LinkedIn, whereas, it infiltrated legal apps by posing as a software development kit named “GTK.” Developers, believe it to be guiltless and embedded it in their applications.
Besides Judy and ExpensiveWall malware’s, Google Play Store has been plagued by various schemes of scam over the last year. A hacker aka “Maza-In,” interviewed by Forbes in June, was charged for many attacks in bank login thefts over the globe most popular mobile operating system. With this latest success for the cyber criminals, it’s apparent Google team still has work to do to cut off scammers exploiting Android’s openness.y