As much as Google does its best to keep malware apps at bay, some of them still slip through the cracks. A new malware called Autolycos has been downloaded over 3 million times on Google Play Store by unaware users. While Google has gotten rid of the 8 apps hiding the malware, millions of people still have them installed on their devices.
French security researcher, Maxime Ingrao, was the first to unmask the notorious malware. Ingrao, who works for EvinaTech, revealed to BleepingComputer that he reported the malware to Google in June 2021. However, Google took about six months to get rid of the apps.
Autolycos malware hides inside an android app and subscribes users to premium services without their knowledge. The hackers behind the malware ran 74 Facebook and Instagram ad campaigns for one of their apps called “Razer Keyboard & Theme app”. The app attracted 500,000 downloads.
Below are the apps that Maxime Ingrao found to be hiding Autolycos malware. If you have any of these apps installed on your Android device, should uninstall it as soon as possible:
- Vlog Star Video Editor (com.vlog.star.video.editor): 1 million downloads
- Creative 3D Launcher (app.launcher.creative3d): 1 million downloads
- Funny Camera (com.okcamera.funny): 500,000 downloads
- Razer Keyboard & Theme (com.razer.keyboards): 500,000 downloads
- Wow Beauty Camera (com.wowbeauty.camera): 100,000 downloads
- Gif Emoji Keyboard (com.gif.emoji.keyboard): 100,000 downloads
- Freeglow Camera 1.0.0 (com.glow.camera.open): 5,000 downloads
- Coco Camera v1.1 (com.toomore.cool.camera): 1,000 downloads
How to Protect Yourself from Malware like Autolycos
First and foremost, review the apps listed above. If you have any in your android device, delete it immediately. While Google has wiped them out of Play Store, they will affect users who still have them installed.
Before downloading any app on Play Store, take a thorough review of it first. Start by reading the app’s name and going through the description. See if it is clearly written and whether it does what it claims to do.
You can also verify whether an app is a malware through its permission requests. For instance, it is inappropriate for a camera app to request access to your SMS messages. Also, avoid apps with too many permission requests or those whose requests do not match their purposes.
