Eight malicious cameras and photo editing Android apps are observed to compromise mobile Android’s ecosystem by getting unauthenticated access to victims’ devices. The app may appear as benign but they possess a deadly malware Autolycos which is classified similar to the Joker malware, known to control compromised devices to subscribe to unwanted paid premium services and can be tricky to detect since it leaves no trace.
A French cybersecurity firm Evina tech’s security researcher confirmed that the Autolycos malware has been identified in Google play store apps. The malware-containing app can produce unauthenticated clicks for illegally subscribing to fake premium services without the consent of the device owner. In this way, they can scope out money from the owner’s accounts.
Security researchers have enlisted the malicious apps as follows, Vlog Star Video Editor, Creative 3D Launcher, Wow Beauty Camera, Gif Emoji Keyboard, Freeglow Camera, Coco Camera v1.1, Funny Camera by KellyTech, and Razer Keyboard & Theme by rxcheldiolola.
According to the reports, a total number of more than 3 million people have downloaded these apps and have reported losing money to them.
The Autolycos attack has been revealed by security researchers first on July 13 and now it has been confirmed by several security researchers’ Twitter updates.
Google has advised people who have already downloaded the app to uninstall it from their device and perform thorough security checks. the tech giant has also taken maximum effort to pull out all these apps from the play store.
Found new family of malware that subscribe to premium services π
8 applications since June 2021, 2 apps always in Play Store, +3M installs ππ
No webview like #Joker but only http requests
Letβs call it #Autolycos πΎ#Android #Malware #Evina pic.twitter.com/SgTfrAOn6H
— Maxime Ingrao (@IngraoMaxime) July 13, 2022
