At least 9.3 million Android devices are believed to have been infected with a new type of extremely dangerous malware, with the ability to steal victims’ data and phone numbers.
Malware ‘disguising’ the game
The attack campaign of this malicious code was exposed by researchers from Dr.Web. The researchers classified this trojan as “Android.Cynos.7.origin”, a variant of the Cynos malware. For ease of penetration and operation, this new malware disguises itself as a variety of games on ‘s AppGallery store Huawei, from the arcade, shooting to strategy.
To date, Dr.Web’s research has identified 190 malicious games, some of which are aimed at Russian-speaking users, while others are aimed at Chinese or international users.
Activation Mechanism
This type of malware new still requires users to grant permissions directly to the application. Specifically, once installed, the apps will prompt victims for permission to make and manage phone calls, using the access to collect their phone numbers along with other information such as location. geography, mobile network parameters, and system metadata.
As such, this type of malware requires direct user action to activate. However, most people who download and play games are still children, not including a large part of adult accounts that download and give to children to play, so this is still a type of malware that needs extreme vigilance. a pitch from the user.
In fact, apps and games that contain malware of this type have already been removed from the app stores, but users who have installed the app on their devices will need to manually delete them. remaining applications to avoid further exploitation.
Most of these types of malware require users to directly grant permission. The common way of ‘defense’ against malicious malware of this type is to limit the download of applications and games from strange publishers and need to read and think carefully before granting permission to an application.
