It's been hardly a week since the Xafecopy malware — which used to steal money on the mobile phone — was detected in Google Play store, and a new malware dubbed ExpensiveWall has already been been uncovered. And this has the same modus operandi!
The ExpensiveWall malware has infected at least 50 apps and was been downloaded between 1 million and 4.2 million times before the affected apps were removed, CheckPoint reported citing Google Play data.
Also read: Everything you need to know about Xafecopy malware
Here's how ExpensiveWall infiltrate and skim mobile device owner's money?
ExpensiveWall is said to be a new variant of the malware Trojanized Photo App found earlier this year on Google Play that used to subscribe users to premium services without their knowledge and send fraudulent SMS messages, charging the accounts for the services.The entire malware family has now been downloaded between 5.9 million and 21.1 million times.
What makes ExpensiveWall different and more dangerous than its other family members is that it is "Packed" – with an advanced obfuscation technique used by malware creators to encrypt malicious code. This allows it to evade Google Play's built-in anti-malware protection measures.
Besides registering to premium services without users' assent, it has the potential to use this "Packed" technique to easily capture pictures, record audio and even steal sensitive data and send it to a command and control (C&C) server, effectively turning the victim's mobile in to ultimate spying tool.
And once the hackers get any sensitive information, they can use it to blackmail the user.
Check Point has notified Google about the ExpensiveWall malware and the former has obliged with quick response by removing all the apps understood to be infected with the malicious code.
However, if users have already installed and are still using these apps on their phone, they are still vulnerable to monetary fraud, and have been advised to manually remove the apps from their devices immediately. [Check out the list of malicious apps infected with ExpensiveWall malware, HERE]
Here's how to protect Android phones from ExpensiveWall and other malwares
- Always keep to your smartphone updated with the latest firmware. Most companies send software updates — especially security patches on priority basis — and always make sure to update them immediately
- Make sure to use premium Antivirus software, which also provides malware protection and internet security
- Never open emails sent from unknown senders
- Never install apps from unfamiliar publishers
Follow us @IBTimesIN_Tech on Twitter for latest news on cyber security and more.