admin
In case you missed it, McAfee Mobile Research Team (MMRT) (Opens in a new tab) Last week, it revealed that it had discovered more than 60 legitimate apps on Google Play with a new Android malware called “Goldoson”.
MMRT clarified that this malware was no Made by developers of infected applications. Instead, it’s a malicious third-party library that the developers used, but it’s unclear if they knowingly – in bad faith – injected Goldoson into their apps.
What does Goldson do?
If the victim inadvertently downloads an app that infiltrates Goldoson, their personal and sensitive data is at risk. Once the quarry grants the malicious app certain permissions, it can obtain the following information:
- Sensitive data from the victim’s installed apps
- Location history
- MAC address of bluetooth and wifi nearby
- GPS data
McAfee researchers hinted that Wi-Fi and Bluetooth device information is actually more of a concern than GPS data. With this data, cybercriminals can extract the Basic Service Set Identifier (BSSID) and Received Signal Strength Index (RSSI).
“Based on BSSID and RSSI, the app can locate the device more accurately than GPS, especially indoors,” MMRT warned.
MMRT added that users with Android 11 or higher are further isolated from Goldoson in terms of apps trying to collect data from victims’ installed apps, but even then, it’s not foolproof. “With the latest version of Android, we found that about 10% of apps that use Goldoson have the ‘QUERY_ALL_PACKAGES’ permission that allows them to access app information,” McAfee’s report said.
What apps have been detected with Goldoson malware?
Nearly half of Android apps detected infected with malware have accumulated more than 1 million installs; Five of which have more than 10 million downloads. Collectively, all of the 60+ malicious apps have attracted over 100 million installs.
McAfee said that these apps primarily targeted the Korean Google Play app market. Check the list below to see if you have any of them on your device.
- L.PINT with L.PAY – 10 million+ downloads
- Brick breaker slam – 10 million+ downloads
- Account manager money and budget – 10 million+ downloads
- GOM player – 5 million+ downloads
- Live score, real time score – 5 million+ downloads
- Compass 9: Smart compass – 1 million+ downloads
- GOM Audio – Music, Lyrics Sync – 1 million+ downloads
- Lotte World Magic Pass – 1 million+ downloads
- Bounce the breaker bricks – 1 million+ downloads
- infinite slice – 1 million+ downloads
- SamNote – Nice note app – Over 1 million downloads
- Korea Subway Information: Metroid – 1 million+ downloads
- UBhind: Mobile Tracking Manager – 1 million+ downloads
McAfee said Google was notified of the listed apps and worked quickly to correct the problem. However, keep in mind that not all apps are removed. Some of them have been updated, ensuring that they no longer contain a malicious library. However, we recommend that you delete the app completely. Want to see the full list? click here. (Opens in a new tab)
MMRT boasts that McAfee Mobile Security is the best Goldoson threat detector in Android phones and removes it immediately.
GIPHY App Key not set. Please check settings