Malware that ‘disguises’ the game
The attack campaign of this malicious code was exposed by researchers from Dr.Web. The researchers classified this trojan as “Android.Cynos.7.origin”, a variant of the Cynos malware. For ease of penetration and operation, this new malware disguises itself as a variety of games on Huawei’s AppGallery store, from arcade, shooting to strategy.
Up to 9.3 million Android devices are believed to have been infected with malicious code ‘disguising’ games on Huawei AppGallery
To date, Dr.Web’s research has identified 190 malicious games, some of which are aimed at Russian-speaking users, while others are aimed at Chinese or international users. .
This new type of malware still requires users to grant permissions directly to the application. Specifically, once installed, the apps will prompt victims for permission to make and manage phone calls, using the access to collect their phone numbers along with other information such as location. geography, mobile network parameters, and system metadata.
Malware ‘disguising’ the game will try to ask users for as much privacy as possible
As such, this type of malware requires direct user action to activate. However, most people who download and play games are still children, not including a large part of adult accounts that download and give to children to play, so this is still a type of malware that needs extreme vigilance. pitch from the user.
In fact, apps and games that contain malware of this type have already been removed from the app stores, but users who have installed the app on their devices will need to manually delete them. remaining applications to avoid further exploitation.
Most of these types of malware require users to directly grant permissions. The common way of ‘defense’ against malicious malware of this type is to limit the download of applications and games from strange publishers and need to read and think carefully before granting permission to an application.