ExpensiveWall Found Concealed in Android Wallpaper Apps
A huge malware campaign penetrated Google Play last week to send deceitful text messages and charge up to 21 Mn people for false services.
The malware nicknamed "ExpensiveWall" after the deceitful app "Lovely Wallpaper', was loaded into 50 different mobile apps and downloaded as many as 4 Mn times. It used a "packing" technique to squeeze code with encryption to avoid security filters of Google.
Check Point Software Technologies, the Israeli cybersecurity company, alerted Google for the cyberattack on 7th Aug. and the apps were removed from the store. A transformation of the malware reappeared to infect another 5,000 devices before it is deleted once again. Check Point said that ExpensiveWall was "packed" inside wallpaper apps because of which it could manage to avoid the anti-malware hurdle of the Google Play Store. Androidguys.com posted on September 19th, 2017, stating that "packing" is a popular method which is used to encrypt malicious code within apps allowing them to go without being detected by normal security measures.
More than 50 apps of the Google Play store were affected and almost four million users downloaded these apps.
Check Point claimed: "While ExpensiveWall is presently designed only to generate profit from its victims, one similar malware could be easily customized to use the same infrastructure in trying to capture images, record audio and even steal sensitive credentials and send these data to a command and control (C&C) server". The report said that Google Play after having been notified about these affected apps in August, removed these but more variants of it resurfaced within days.
Users, who have downloaded any of the infected apps before they were removed from the Play Store, have to manually uninstall those apps from their devices. Lovely wallpaper, one of these affected apps, actually received several negative reviews from users as shown below. If you are not sure about any app, it would be better to check whether that app is still available or not for downloading from the Play Store. In future, one should read user reviews of any app before downloading it as a preventive measure to become protected. Once you have downloaded an app, it is advisable to pay attention to the permissions which it requests.
» SPAMfighter News - 9/29/2017
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!