New Google Play Malware Has Been Downloaded Over 3 Million Times


Protect Your Access to the Internet

A new malware variant named “Autolycos” has already been downloaded by over 3 million unsuspecting Android users on the Google Play store.

Security researchers at Evina recently found the malware lurking in at least eight apps — two of which are still live at the time of writing.

The virus, which is able to access SMS messages on compromised devices, worked by signing targets up to premium services. Here’s everything you need to know about the new malware variant, and some advice on how to dodge similar threats in the future.

New Android Malware Has Been Downloaded Over 3 Million Times

Google just blocked eight Android apps from its app store, after finding out they were infected with a malicious malware called Autolycus.

The apps were first discovered to contain the new variant Autolycus back in June 2021 by security researchers at Evina. After realizing that the platforms were performing “stealthy malicious behavior,” the firm reported the issue to Google.

After six long months, Google finally took action this week by removing the apps from its platform – but not before the malware was installed by over 3 million Android users.

Autolycus: a closer look

With its name deriving from Greek mythology, Autolycus is a new malware threat that works by tricking victims into signing up for premium services.

Many apps containing the variant requested users’ permission to read SMS content upon installation, meaning that the victim’s private text messages were likely to be compromised too.

According to the security researchers, the malware is able to evade detection by executing URLs on a private browser instead of using the Android Webview. This way, the applications were able to display their content without performing an HTTP request.

The Autolycus-infected apps were advertised on social platforms like Facebook. The total number of online ads is unknown, but the social campaign appeared to be pretty widespread with Evina counting 74 for the Razer Keyboard & Theme alone.

Which Apps Contained the Malware?

The two apps still containing the malware are “Funny Camera” by KellyTech, and “Keyboard & Theme” by rxcheldiolola. The apps have received 500,000 and 50,000 installations…