ExpensiveWall Malware in Android Apps: Google Removes Infected Apps After Malware Outbreak
Google recently got rid of 50 apps from Google Play that have been infected with a mobile malware called the ExpensiveWall.
"We've removed these apps from Play and always appreciate the research community's efforts to help keep the Android ecosystem safe," a Google spokesman shared in a statement.
Security company Check Point researchers Elena Root, Andrey Polkovnichenko and Bohdan Melnykov said in a statement issued on Thursday that ExpensiveWall is a new variant of malware found earlier this year on Google Play.
Get Our Latest News for FREE
According to the company, the malware's advanced hiding technique is how it managed to move past Google's security measures.
They wrote, "The entire malware family has now been downloaded between 5.9 million and 21.1 million times."
Once downloaded, it activates the apps that users have to agree to several requests. Through the usual agreements such as internet access, SMS permissions, and more, the malware is able to obtain the victim's personal information, particularly the phone number. The malware then will register the devices to premium services without the knowledge of the owners. It will also send victims' a series of text wherein their accounts will be charged for bogus services.
According to the Check Point, they first informed Google about the malware last Aug. 7. Although the tech giant removed the infected apps from the store, another round of apps managed to bypass the system within days of the deletion. It managed to infect 5,000 units before it was removed for a second time four days later.
Although Google has removed the apps from Play, tech enthusiasts who have downloaded them on their devices are still at risk. Hence, users must manually remove the apps from their devices.
Reports say that the malware manifested in free wallpaper, video, as well as photo editing apps.
