This is a BETA experience. You may opt-out by clicking here. More From Forbes. Nov 22, , am EST. Nov 21, , am EST. Nov 20, , am EST. Earlier this year, over , Huawei Android devices were found to be infected with Joker. The malware is known to subscribe users to premium mobile services without their consent or knowledge. For the Halloween Coloring app, an identical file named "q7y4prmugi" exists at the same location.
These files contain base64 code, shown below, packing a Linux ELF binary:. As checked by BleepingComputer, these files yr41ajkdp5 and vl39sbv02d being XOR-encrypted themselves, are not detected by any of the leading antivirus engines thus far. In essence, the quasi-benign 'Smart TV remote' and 'Halloween Coloring' apps are a front for downloading malicious apps onto your Android devices.
Last month, malicious "photo editor" apps were also caught sitting on the Google Play store by Shishkova and Maxime Ingrao, a security researcher at mobile payments cybersecurity firm Evina. It is plausible, Google Play Protect might eventually catch these apps and offer automatic protection to affected users, despite the initial miss leading to the apps' publication on Play store.
It also periodically scans your device. Business Business Solutions. Get Started Find the right solution for your business See business pricing Don't know where to start? Help me choose a product See what Malwarebytes can do for you Get a free trial Our team is ready to help.
Partners Explore Partnerships. Partner Success Story. Resources Resources Learn About Cybersecurity. Malwarebytes Labs — Blog. Business Resources. See Content. For Windows. For Mac. Endpoint Protection. For Android. Learn More. For iOS. Incident Response. EDR for Servers. Privacy VPN. Warning message urging users to click Source: IBM. Related Articles: Flubot Android malware now spreads via fake security updates New Android malware targets Netflix, Instagram, and Twitter users Hydra malware targets customers of Germany's second largest bank New Android malware steals millions after infecting 10M phones Emotet malware is back and rebuilding its botnet via TrickBot.
Bill Toulas Bill Toulas is a technology writer and infosec news reporter with over a decade of experience working on various online publications. An open source advocate and Linux enthusiast, is currently finding pleasure in following hacks, malware campaigns, and data breach incidents, as well as by exploring the intricate ways through which tech is swiftly transforming our lives.
Previous Article Next Article. You may also like:. Popular Stories. Newsletter Sign Up To receive periodic updates and news from BleepingComputer , please use the form below. Login Username. Remember Me.
0コメント