ExpensiveWall Android Malware Slips Past Google Play Filters

Share

These apps have been downloaded between 1 million to 4.2 million times on Google Play, and have infected at least 5,000 devices so far.

The malware sends fraudulent premium SMS messages, which is where the "expensive" bit comes in, and makes fake charges against user accounts.

"Once ExpensiveWall is downloaded, it requests several common permissions, including internet access - which allows the app to connect to its C&C server - and SMS permissions - which enable it to send premium SMS messages and register users for other paid services all without the user's knowledge", explained Check Point.

Research firm Check Point has identified as many as 50 malicious apps on Google Play that charge premium fees to its users without their knowledge for fake services.

IPhone 8 Demand In Germany Extremely Low
They stopped pursuing Touch ID under the display not because they couldn't do it, but because they decided they didn't need it. For the first time, Apple is using flagship features like Face detection technology as well as Augmented Reality.

As the second cyber-attack on Android devices in the a year ago, at least 50 apps were infected by ExpensiveWall after being collectively downloaded between 1 million and 4.2 million times.

Millions of users have been victims of the latest malware attack but it is said to be the second biggest Android attack following the first attack early in May this year.

It's unclear how much revenue attackers managed to generate from this particular family. After that, the ExpensiveWall malware sends back to the C&C server handset information, including its location, MAC and IP addresses, IMSI, and IMEI numbers.

"Since the malware is capable of operating silently, all of this illicit activity takes place without the victim's knowledge, turning it into the ultimate spying tool", the vendor warned.

Lascelles strikes again to lift Newcastle
But Lascelles, who headed wide from a similar opportunity before the break, met another Ritchie delivery to win it. It was Stoke's first loss in the league since an opening-day defeat by Everton.

With the new search box you can now search the list of Assistant apps and quickly find what you're looking for. At this point, it looks like developers weren't aware if they were including malicious behavior in their apps. However, even after the affected apps were removed, another sample was spotted in the Google Play Store within days.

Users will likely remain infected even after Google's removal of infected apps until they uninstall these apps.

This allows the malware to execute in the user's device once it has been downloaded. Check Point has shared the complete list of infected apps in today's report (shared below).

That means the players in the United Kingdom can now download the poker apps straight from the Google Play Store, where the apps for sites like partypoker are now listed. As soon as the tech giant was intimated of these apps, they were removed from the Google Play store.

Destiny 2's digital sales far higher than the original, Activision confirms
But Dague said Bungie wanted to find out how it happened in the first place and wanted to lay out its findings for the fans. In Destiny 2, every player creates their own character called a "Guardian", humanity's chosen protectors.

Share