Three pieces of glib Android malware get ousted by security researchers and Google

Always vigilant on Android security and development matters, XDA passed the word for three rampant specimens of Android malware identified by security researchers Doctor Web and Check Point. Two of them actually found their way into Play Store apps, despite Google's efforts to keep the place safe.

The first malware is the Skyfin Trojan. It's typically found in .APK files downloaded outside the Play store, so if you are into side-loading or straight-up pirating apps, you are putting yourself at risk – or in the hands of your antivirus software, if you have one running. Anyway, Skyfin is able to steal your information (IMEI, device model, location, language) and make unsupervised app installs, purchases, and ratings. Thankfully, the trojan can't reach devices running Android Marshmallow or later.

Second is HummingWhale, a malware that infected over 20 Android applications with millions of installations before Google removed them upon getting notified by the researchers. The malware would spam your phone with advertisements and generate ad revenue for its creator. It would also make fraudulent Play Store ratings to boost the reputation of other malicious apps that contain it.

Making Android safer, one trojan at a time

Third is the Charger malware. It was found inside a Play Store app called Energy Rescue that posed as a battery optimizer. After installing this app, the virus starts collecting your personal information and requests admin privileges. If they are granted, the malware locks the device and displays a threatening message meant to lure users into believing their personal data is being sold on the black market. It's asking for a 0.2 bitcoins ransom (about $180 at the time of writing) in order to stop the malicious activities. Google has already removed the infected app it from the Play Store, so you are pretty much protected against these shenanigans.

ALSO READ