More than 9 million Android devices infected with malicious code from applications in Huawei AppGallery

Warning: The Joker malware has infected over 500,000 Huawei Android devices
Huawei wants Google to become a 'collaborator' in its smartphone application ecosystem

Malware that 'disguises' the game

The attack campaign of this malicious code was exposed by researchers from Dr.Web. The researchers classified this trojan as "Android.Cynos.7.origin", a variant of the Cynos malware. For ease of penetration and operation, this new malware disguises itself as a variety of games on Huawei's AppGallery store, from arcade, shooting to strategy.

More than 9 million Android devices infected with malicious code from applications in Huawei AppGallery Picture 1

Up to 9.3 million Android devices are believed to have been infected with malicious code 'disguising' games on Huawei AppGallery

To date, Dr.Web's research has identified 190 malicious games, some of which are aimed at Russian-speaking users, while others are aimed at Chinese or international users. .

Activation Mechanism

This new type of malware still requires users to grant permissions directly to the application. Specifically, once installed, the apps will prompt victims for permission to make and manage phone calls, using the access to collect their phone numbers along with other information such as location. geography, mobile network parameters, and system metadata.

More than 9 million Android devices infected with malicious code from applications in Huawei AppGallery Picture 2

Malware 'disguising' the game will try to ask users for as much privacy as possible

As such, this type of malware requires direct user action to activate. However, most people who download and play games are still children, not including a large part of adult accounts that download and give to children to play, so this is still a type of malware that needs extreme vigilance. pitch from the user.

In fact, apps and games that contain malware of this type have already been removed from the app stores, but users who have installed the app on their devices will need to manually delete them. remaining applications to avoid further exploitation.

Most of these types of malware require users to directly grant permissions. The common way of 'defense' against malicious malware of this type is to limit the download of applications and games from strange publishers and need to read and think carefully before granting permission to an application.

Malware

Isabella Humphrey

Update 01 December 2021

You should read it

May be interested

Signs that the smartphone has been infected with malware
if your smartphone appears one of the following signs, it is likely that your device has been infected with malicious code and is being tracked by hackers, stolen information remotely.
How to detect malicious apps on Android
installing applications outside of google play is often potentially risky, making users more likely to steal personal data and money. therefore, the detection of malicious applications on android phones will help you distinguish what will be a safe application, where the application contains malicious code, thereby minimizing the download of dangerous applications. security and protection of android devices become safer.
Huawei pledges not to retain any revenue, leaving 100% of the app revenue to developers
in a move to entice developers, huawei pledged that all app developers on huawei appgallery will receive 100% of the revenue from their apps.
Warning: VPNFilter malicious code attacks the router that has 'evolved', there are many extremely dangerous new features
newly discovered experts, vpnfilter has attacked and infected more than 500,000 routers recently added the ability to remove https encryption, attack intermediaries, and even wipe information on the device itself. .
Appearing dangerous Android malicious code specializing in stealing chat content on Facebook Messenger, Skype ...
a type of malware that has a package name is com.android.boxa that can steal users' private chat data on current messaging applications such as facebook messenger, skype, etc., by experts from the company. network security trustlook detected on android operating system.
14 games on the App Store contain malicious code, iPhone users be careful
security researchers wandera recently discovered 14 games linked to a server once used to control malware golduck that made the android world chaotic last year.
Series of Android applications contain malicious code you should remove immediately from your device
cybersecurity researchers have discovered many android apps containing adware and information-stealing malware on the google play store.
Detecting a Chrome extension infected with malicious code, stealing the password and the user's e-wallet key
zdnet, mega.nz reports - chrome's data sharing extension has been infected with malicious code. this malicious code has the ability to collect information about visitors' websites, account names, passwords and other data.
After WannaCry, Petya's 'extortion' malicious code is raging, this is a remedy to prevent
the 'blackmail' malicious code called petya, which appeared under the new version of petrraprap, is similar in effect to the wannacry malicious code, causing the computer system of many multinational companies to be shattered. according to the initial record, these first countries infected with malicious code include ukraine, russia, britain and india.
Signs that your computer is infected with malware
malware, also known as malware, is harmful files, they often come from installing pirated software or you unintentionally download them from the internet. to detect malicious code on your computer, you need to carefully check everything on your computer.