The McAfee Mobile Research team has discovered eight popular apps that you may have installed that contain malware capable of making purchases on your device without your consent.
One of the ecosystems most attacked by cybercriminals is Android due to a large number of users with this operating system, and that is why you should always be alert to all the applications that you end up downloading.
Even if you download the applications in the official Google Play Store, that does not mean that you are totally safe, since many applications manage to pass the Google publication filter and are later updated with fraudulent code, which can even hijack the mobile phone.
Now the cybersecurity firm McAfee Mobile Research has located up to eight applications that have been installed more than 700,000 times, affecting thousands and thousands of devices around the world, and that you should check if you have them installed or not to delete them right now.
What these eight applications do are unauthorized purchases by the user due to a malware called Etinu and, although they have already been deleted from the Google Play Store, it is likely that you have installed them before because it has been present in editing applications of photography, wallpapers, puzzles, keyboard and camera use.
To find out why these applications have crept into the Google Play Store, it is because initially, they have been totally clean applications that have included malware in subsequent updates. What this malware has done is to take advantage of dynamic code loading, using harmless names to go unnoticed.
In the final stage, these applications can steal messages, access basic user information, and keep valuable information such as our IP address or telephone number. In addition, they can make purchases related to auto-renewal subscriptions that we have not activated.
The main advice not to fall for these malware applications is to avoid granting permissions that make little sense. For example, if you download a photography application, it would not make much sense for it to ask us for access to SMS. If you see something strange, directly deny access to permissions and delete the application.
Specifically, these would be the eight applications that have the aforementioned malware and that you must delete right now:
- Pip Camera by Bob Xie
- keyboard wallpaper by Kent KY
- 2021 wallpaper and keyboard by Justin Xia
- Picture editor by Sonfe Shen
- Super Color Hairdryer by Yank Lee
- Super Star Ringtones
- My Favorites Up Keypaper by Justin Xia
- Studio Keypaper 2021 by Kent KY
