According to PhoneArena , Goldoson infects these Android apps due to an unintentional action by app developers, when they use third-party libraries with malware-containing components. These components are known to be used by app developers to save time needed in developing certain parts of the app.
Multiple apps containing Goldoson malware have been installed more than 10 million times
Goldoson was discovered by researchers at security firm McAfee. The report said that Goldoson can collect a list of applications installed on a mobile device, the names of connected devices that sync with the phone via Bluetooth and Wi-Fi, as well as nearby GPS locations. Additionally, the malware can commit ad fraud by clicking on ads that run in the background without the user's consent.
Google and developers have been notified of the malware. Many of the affected apps have been removed by their developers, while others that did not remove the malware from their apps have been removed from the Play Store by Google. Some of the apps with over 10 million installs that have had the malware removed include L.POINT with L.PAY, Money Manager Expense & Budget, TMAP, and Genie Music. Meanwhile, the Swipe Brick Breaker app with over 10 million installs has been removed for not making changes. A detailed list can be found on McAfee's website.
Experts also warn that even if the apps have been removed from the malware by the developer and passed Google's safety test, that doesn't mean they can't steal personal data or commit advertising fraud. Users are advised to uninstall them from their devices before reinstalling the latest version from the Play Store.
Besides, Android users are advised not to install apps from an unknown developer and check reviews from people with real-life experience before using the app.
Source link
Comment (0)