Delete these 8 Android apps immediately, they will steal your personal information

A new malware has been found in eight Android apps on the Google Play Store, which allows users to subscribe to a premium service without the user knowing. These eight apps had been downloaded more than 3 million (30 lakh) times. A security researcher gave information about this malware through a tweet, in which he named the malware as ‘Autolycos’. It was also told in the tweet that out of these eight apps present on Google Play Store from 2021, only six were removed. However, currently these eight apps have been removed from the store.

Maxime Ingrao, a security researcher at cybersecurity firm Evina, informed through a tweet thread on Wednesday that he discovered malware named ‘Autolycos’, which was present in at least 8 Android applications. Autolycos is a malware that secretly executes a URL on a remote browser with malicious intent and then includes the result in an HTTP request instead of using the WebView. Apart from this, it also obtains permission to read SMS through malware apps, through which the user’s personal information is stolen.

In the tweet thread, the researcher said that this malware was present in eight apps, which include Vlog Star Video Editor, Creative 3D Launcher, Wow Beauty Camera, Gif Emoji Keyboard, Freeglow Camera, Coco Camera v1.1. All these had been downloaded more than 30 lakh times. In the tweet, the researcher said that two of these apps had not been removed at the time of the tweet. However, currently both these apps are not present on Google Play, which means that after the tweet, Google has removed these apps from the store.

BleepingComputer was founded by researcher Ingrao. told That he had detected these apps in June 2021 itself and had shared his investigation with Google at that time. He also said that Google had acknowledged receiving his report, but still it took six to one year for the company to remove these apps.

As we mentioned, Autolycos is a malware that secretly does things like maliciously execute a URL on a remote browser and then include the result in an HTTP request instead of using the WebView. Additionally, in many cases, apps containing this malware also asked for permission to read SMS content when installed on the device, giving the apps access to the target’s SMS.

BleepingComputer’s report further states that to promote the apps to new users, Autolycos operators also ran several advertising campaigns on social media. For the Razer Keyboard & Theme app alone, researcher Ingrao detected 74 ad campaigns on Facebook.

Additionally, while some of these malware apps received negative reviews on the Play Store, they maintained good user ratings through bot reviews.