Researcher discovered new app malware on Google Play that steals your money

Researcher discovered new app malware on Google Play that steals your money

Maxime Ingrao, safety researcher at cybersecurity corporate Evina, has discovered a new malware circle of relatives that can infect Android apps on Google Play.

It’s named Autolycos — from the homonymous Greek mythological figure, recognized for his mastery in thievery and deceit. And that’s precisely what the malware does.

Since June 2021, Ingrao has recognized 8 inflamed apps on Play Store — downloaded over 3 million occasions.

How does Autolycos paintings?

Greetings, tech nerd!

Are you into devices? And apps? And different cool tech stuff? Then this weekly publication is for you.

According to Evina’s report, the principle objectives of Autolycos is to subscribe customers to top class Direct Carrier Billing (DCB) services and products, with out their wisdom or consent.

Unlike the Joker malware that launches an invisible browser and makes use of Webview, Autolycus launches fraud makes an attempt by means of executing http requests with out the use of a browser.

For some steps, it may possibly execute the urls on a far flung browser and embed the ends up in the http requests.

Here’s how Autolycos is in a position to get admission to a verification PIN code by means of studying a telephone’s notifications:

Autolycos malware