McAfee’s Mobile Research Team has recently discovered over 60 Android applications with third-party malicious libraries, which are capable of ad fraud and can track the installed app lists and Wi-Fi and Bluetooth device information. These applications were discovered to have been downloaded over 100 million times in the ONE store and Google Play application download markets in South Korea. The malicious library that the application use is called Goldoson.
According to McAfee Mobile Security, the Goldoson library registers the device and receives remote configurations simultaneously. Each application has a unique library name and remote server domain, which are both obscured. McAfee believes that the initial domain name discovered inspired the library’s name, Goldoson.
While Android users in India are reportedly safe from these malicious apps because they are made in South Korea, users in other regions must remain vigilant. Google has removed the applications from its Play Store and has informed developers that their applications are in violation of Google Play policies and require modifications to comply.
The malware is capable of clicking on ads in the background without the user’s consent, which allows it to commit ad fraud. It can also track nearby GPS locations, which is a serious privacy concern. McAfee Mobile Security has reported the apps to Google, which has taken action to remove them.
Although the malicious library was not created by the developers of the applications themselves, users are still at risk when installing these applications. As a result, Android smartphone users are strongly encouraged to remove all apps from their devices and update the remaining apps to the latest version to eliminate any identified threats.
What users need to do
Users are strongly advised to update their apps to the most recent version to eliminate any identified threats from their devices. Additionally, they should remove all apps from their devices, as the malware can pose a significant risk to their privacy and security. Android users should also be wary of installing apps from untrusted sources and should only download apps from Google Play Store or other trustworthy app stores.
In conclusion, it is important to remain vigilant when installing apps, as malicious actors continue to find new ways to exploit Android devices. By keeping apps updated and downloading from trustworthy sources, users can help protect their devices from potential threats.