UPDATE: Huawei has issued a statement about this article and it says, "AppGallery’s built-in security system swiftly identified the potential risk within these apps. We are now actively working with affected developers to troubleshoot their apps. Once we can confirm that the apps are all clear, they will be re-listed on AppGallery so consumers can download their favourite apps again and continue enjoying them."
"Protecting
network security and user privacy is Huawei's priority. We welcome all
third-party oversight and feedback to ensure we deliver on this
commitment. We will continue to collaborate closely with our partners,
and at the same time, employ the most advanced and innovative
technologies to safeguard our users’ privacy."
Protecting network security and user privacy is Huawei's priority. We welcome all third-party oversight and feedback to ensure we deliver on this commitment. We will continue to collaborate closely with our partners, and at the same time, employ the most advanced and innovative technologies to safeguard our users’ privacy.”
Protecting network security and user privacy is Huawei's priority. We welcome all third-party oversight and feedback to ensure we deliver on this commitment. We will continue to collaborate closely with our partners, and at the same time, employ the most advanced and innovative technologies to safeguard our users’ privacy.”
Trojans
(besides the definition that you might be more familiar with) is an app
that hides its true purpose by masquerading as a regular app. But once
the app is installed it unleashes malware that infects the phone
allowing a bad actor to steal personal data and even take control of the
device. According to a fresh report,
researchers at Dr. Web Anti-virus discovered a large malware attack on
Huawei's App Gallery app storefront that led victims to unwittingly
install dangerous malware on their phones.
The 190 infected Android trojan apps were installed approximately 190 million times
The
190 infected Android trojan apps were installed approximately 9.3
million times. Dr. Web says that the malware has been identified as
'Android.Cynos.7.origin' and is believed to be a modified version of the
Cynos malware that is used to collect personal data from victims'
handsets. The researchers ended up alerting Huawei about the trojans and Huawei deleted them from the App Gallery.
Drive School Simulator, one of the apps carrying malware in Huawei's App Gallery
Now here's the thing. Even though Huawei removed the
infected apps from the App Gallery, if you installed any of them on
your phone, it can still be a major problem making your data vulnerable
to getting stolen. The three infected apps with the largest number of
installs include:
- Hurry up and hide – 2,000,000
- Cat adventures – 427,000
- Drive school simulator – 142,000
If
you have any of these apps residing on your Huawei phone, uninstall
them ASAP. You can check out the names of all 190 infected apps by
tapping on this link.
The infected apps can spy on SMS messages, and according to the report
from Dr. Web, "The Android.Cynos.7.origin is one of the modifications of
the Cynos program module. This module can be integrated into Android
apps to monetize them. This platform has been known since at least
2014."
These trojan apps can collect user's personal data and information about their device and send it to a remote server
The
report adds that some of the versions of the malware have aggressive
functionality. "They send premium SMS, intercept incoming SMS, download
and launch extra modules, and download and install other apps." It
obviously is not good to have any of these apps installed on your phone.
The version of the trojan found in Huawei's App Gallery collects
personal information about the user and his device and displays ads.
As
the report notes, right off the bat, you can sense that something is
not right since the app asks for permissions usually not associated with
a gaming app such as the ability to make and manage phone calls. This
gives the trojan the possibility to access certain information.
Once
permission is granted, the app sends certain information to a remote
server including the user's phone number, the device location, some of
the specs belonging to the user's device, and according to the report,
"Various mobile network parameters, such as the network code and mobile
country code; also, GSM cell ID and international GSM location area
code."
The infected apps have already been removed from Huawei's App Gallery app store
Dr.
Web explains the problem with trojan malware apps targeting children.
"At first glance, a mobile phone number leak may seem like an
insignificant problem. Yet in reality, it can seriously harm users,
especially given the fact that children are the games’ main target
audience."
The research site adds that "Even if
the mobile phone number is registered to an adult, downloading a
child’s game may highly likely indicate that the child is the one who
actually is using the mobile phone. It is very doubtful that parents
would want the above data about the phone to be transferred not only to
unknown foreign servers but to anyone else in general."
Source: phonearena.com
