Malware in Huawei AppGallery infects 9 million Android phones

Malware analysts from antivirus company Doctor Web have found dozens of games in Huawei’s AppGallery infected with malware. The company reports this on its website. The games are infected with the Cynos trojan, which is designed to collect mobile phone numbers from users. Doctor Web reports that at least 9.3 million users have installed the dangerous games.

Malware takes different shapes and sizes. Forms of malware are, for example, a computer virus, adware, or ransomware, which MediaMarkt fell victim to earlier this month. The Cynos Trojan discovered by Dr Web (Android. Cynos.7.origin) is a variant of the Cynos program module. Apps with this malware ask users for permission to make and manage phone calls. In this way, the Trojan gains access to certain data.

When the user has given permission, the malware collects information, which it then sends to a remote server. This information consists of the user’s mobile phone number and the location of the device. The malware uses GPS coordinates, the mobile network or WiFi access points to determine its location.

In addition, the trojan collects various technical specifications of the device as well as parameters from the app’s metadata. Finally, the malware collects various mobile network parameters, such as the network codes and mobile country code, the mobile device ID and the international GSM location area code.

Dr Web states that children are the main target audience of the infected games. The leaked data could cause serious harm to users, the company said. The malware was found in 190 games in the AppGallery. These include simulators, arcades and shooters. Some games were aimed at Russian-speaking users and included Russian localization, titles, and descriptions. Also, certain games were aimed at a Chinese audience.

Other variants of the Cynos trojan malware installed other apps, intercepted text messages, and sent premium text messages. This form of malware is more common.

In October, an employee of antivirus company Avast discovered a large-scale texting scam among apps in the Google Play Store. These apps subscribed their users to premium SMS services. Previously, the Squid Game hype was used to distribute malware through the Google Play Store. Victims of this malware were signed up for expensive SMS services or were inundated with unwanted advertising via SMS messages.

In addition to collecting sensitive data, the Cynos trojan malware that Dr Web also discovered all kinds of ads. dr. Web lists the apps in question that are infected with the malware. The company has notified Huawei of the discovered threats. Huawei has removed the apps containing the trojan from the AppGallery.

Catch up on more articles here

Follow us on Twitter here


Must read


Related Posts