The eight infected apps had over three million downloads. Google did not remove them from their Play Store until the report was published. We now have all the information about the attack on android users, which Maxime Ingrao , security researcher, has called “Autolycos” a year later.
This malware’s modus operandi is somewhat similar to another malware that Android users are familiar with: joker. Autolycos could also subscribe users to premium calling or SMS services, thereby slowly emptying their bank accounts. Autolycos malware can wipe your bank account.
The infected apps had more than three million downloaded
In June 2021, the firm’s investigator EvinaTech warned about the threat and revealed that there were eight Autolycos-infected applications. Below is a complete list of the apps and their downloads.
Vlog Star Video Editor | + 1 million downloads
Coco Camera v1.1 | + 1000 downloads
Gif Emoji Keyboard | +100000 downloads
Funny Camera | +500000 downloads
Creative 3D Launcher | + 1 million downloads
All of them contained malicious code that could load URLs from the browser remotely to execute the attacks. These included subscribing users for premium services. The apps also had the right to view the contents of SMS users. This comes with risks (e.g., single-use verification codes being read).
Researchers explain that attackers ran massive advertising campaigns on platforms like Facebook. The most concerning aspect of this case is the fact that Google was aware of Autolycos’ existence since June 2021, but ignored it. To this day, it is still possible for two of eight apps to be found in the store catalogue. The researcher made his findings public on July 13 with the intention of alerting the public to prevent more people infecting their devices by this new malware.