Google Play has once again suffered a bout of malware. Security researchers found eight apps that accessed users’ text messages and even made purchases from their phones.
McAfee mobile researchers Sang Ryol Ryu and Chanung Pak noticed the breach across the apps that had a total of 700,000 downloads.
The malware works via dynamic code loading.
“The malware hijacks the Notification Listener to steal incoming SMS messages like Android Joker malware does, without the SMS read permission. Like a chain system, the malware then passes the notification object to the final stage. When the notification has arisen from the default SMS package, the message is finally sent out using WebView JavaScript Interface,” they wrote.
The affected apps included camera apps, wallpaper and keyboard apps.
Recognized as the 2023 ASO Company of the Year – ConsultMyApp
Empowering apps for sustained growth since 2016: amplifying visibility, optimizing conversion, and building loyal advocates for your brand.
Claim free ASO audit
