According to a report, around 9.3 million Andriod devices are affected by a new type of malware. This malware is said to be disguising itself in the form of various arcades, strategies, and shooter games on Huawei’s AppGallery marketplace.
The object of this malware has been to steal the victim’s information from their mobile device such as phone numbers.
Once the user has installed these malicious apps, they prompt the user for permission reading to manage the phone calls. Additionally, this method collects their phone numbers and gathers sensitive device information such as system metadata, network parameter, and geolocation data.
The researchers working at Doctor Web discovered this malware. They classified this trojan to fit the description of “Android.Cynos.7.origin” and confirmed that it is a mutated version of the Cynos malware.
Out of the 190 malware-inducing games identified, few were made to only target Russian, Chinese or foreign users from around the world.
According to a statement issued by the Doctor Web researchers:
At first glance, a mobile phone number leak may seem like an insignificant problem. Yet in reality, it can seriously harm users, especially given the fact that children are the games’ main target audience. Even if the mobile phone number is registered to an adult, downloading a child’s game may highly likely indicate that the child is the one who actually uses the mobile phone. It is very doubtful that parents would want the above data about the phone to be transferred not only to unknown foreign servers but to anyone else in general.
Even though the applications infected with this malware are no longer available on the app stores, people who have already installed such apps will definitely need to delete them from their devices manually.
Here are the games that were installed the most number of times from the app store.
- 快点躲起来 (Hurry up and hide) – 2,000,000 installations
- Cat game room – 427,000 installations
- Drive school simulator – 142,000 installations
Below you’ll find a screenshot showing the malicious applications asking for advanced permission from the users.
Image Source: HackRead
While many security experts focus on Android malware that contains spyware-like behavior, in reality, most Android phone threats focus on collecting personal information about the user and frauds invoked by advertisements.
While this malware may not deceive users, it boosts up underground data trading, where users’ personal information is sold without their consent.
Here are a few tips for Android users to protect themselves from various malicious apps: