A new Android spyware called “Autolycos” has infected eight applications, and Google has deleted them from the Play Store. The spyware, according to Bleeping Computer, runs URLs on a remote browser and then adds the outcome to HTTP requests.
Vlog Star Video Editor, Creative 3D Launcher, Wow Beauty Camera, Funny Camera, Razer Keyboard & Theme, and Gif Emoji Keyboard are just a few of the applications that have been deleted.
The malicious apps were widely promoted on social media where it reaches the user via ad campaigns. The apps that have been infected offer things like keyboard themes, launcher apps, camera apps with filters, and the likes.
Android Autolycos Malware downloaded more than 3 million times
Two of the eight apps that have been found to be infected with Autolycos Malware had more than a million downloads each. Here are the eight apps that have been found to have the Autolycos malware on Google Play Store.
If you have any of these apps downloaded on your phone, delete it immediately as it may read your SMS text messages and steal data.
As shared by Evina’s security researcher Maxime Ingrao, these apps ask for permission to access users’ text messages after their installation and as the users grant permission, the malware reads the SMS text messages and steals data. They sometimes even subscribe the device owner to premium services without letting them know.
Ingrao further shared that the malware performs stealth operations, by executing website URLs on a remote browser and adding it in the HTTP requests. This way they hide themselves from being detected and hence undertake malicious activities on the device.