Android malware infiltrates 60 Google Play apps with 100M installs

Gandalf_The_Grey

Level 79
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,853
A new Android malware named 'Goldoson' has infiltrated Google Play through 60 legitimate apps that collectively have 100 million downloads.

The malicious malware component is part of a third-party library used by all sixty apps that the developers unknowingly added to their apps.

Some of the impacted apps are:
  • L.POINT with L.PAY - 10 million downloads
  • Swipe Brick Breaker - 10 million downloads
  • Money Manager Expense & Budget - 10 million downloads
  • GOM Player - 5 million downloads
  • LIVE Score, Real-Time Score - 5 million downloads
  • Pikicast - 5 million downloads
  • Compass 9: Smart Compass - 1 million downloads
  • GOM Audio - Music, Sync lyrics - 1 million downloads
  • LOTTE WORLD Magicpass - 1 million downloads
  • Bounce Brick Breaker - 1 million downloads
  • Infinite Slice - 1 million downloads
  • SomNote - Beautiful note app - 1 million downloads
  • Korea Subway Info: Metroid - 1 million downloads
According to McAfee's research team, which discovered Goldoson, the malware can collect data on installed apps, WiFi and Bluetooth-connected devices, and the user's GPS locations.

Additionally, it can perform ad fraud by clicking ads in the background without the user's consent.
 

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
849
Yikes! That's too many malicious Apps. GOM player is surprising, you wouldn't think a media player is infected with malware.
 
  • Like
Reactions: vtqhtr413

MuzzMelbourne

Level 15
Verified
Top Poster
Well-known
Mar 13, 2022
599
Am I crazy or does Android not present a National Security problem when installed on US Government employees devices? Just what you want, people's GPS and connected devices IP data in the hands of naughty people...

I'm so happy the EU has forced Apple to allow sideloading...
 

n8chavez

Level 18
Well-known
Feb 26, 2021
877
Am I crazy or does Android not present a National Security problem when installed on US Government employees devices? Just what you want, people's GPS and connected devices IP data in the hands of naughty people...

I'm so happy the EU has forced Apple to allow sideloading...

So, you're happy Apple allows unregulated app installing? Call me crazy, but that sounds more dangerous that getting apps through the official store, even if that has its own problems.
 

MuzzMelbourne

Level 15
Verified
Top Poster
Well-known
Mar 13, 2022
599
So, you're happy Apple allows unregulated app installing? Call me crazy, but that sounds more dangerous that getting apps through the official store, even if that has its own problems.
I'm sorry it came across that way. I was being sarcastic! I am really quite annoyed that a bunch of unrepresentative swill could be outright stupid enough to, not only allow but, mandate allowing sideloading. The scumbags of the World must be queueing up for Euro Visa's
 

vtqhtr413

Level 27
Well-known
Aug 17, 2017
1,608
The SpinOk malware was found in a new batch of Android apps on Google Play, reportedly installed an additional 30 million times. The finding comes from CloudSEK’s security team, who report finding a set of 193 apps carrying the malicious SDK, 43 of which were active on Google Play at the time of their discovery last week.

SpinOk was first discovered by Dr. Web late last month in a set of a hundred apps that had been collectively downloaded over 421 million times. As the mobile security company explained in its report, SpinOk was distributed via an SDK supply chain attack that infected many apps and, by extension, breached many Android users.

The full list of infected applications can be found in the appendix section of CloudSEK’s report.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top