The Google Play Store has had its fair share of malicious apps that it’s had to purge, oftentimes only after the aforementioned apps managed to infect millions of phones first. Now, it’s the Huawei AppGallery’s turn.
The cybersecurity analysts over at Dr.Web have discovered a variant of the Cynos malware in the form of a trojan hidden inside hundreds of Android apps. For those not familiar, like the Greek army in the Trojan war gaining access to the city of Troy, a trojan virus hides inside other innocuous-looking apps, then steals your info or gains access to things it shouldn’t when you aren’t looking.
AppGallery looking kinda sus
In this case, the variant, named Android.Cynos.7.origin is designed to collect sensitive data, by requesting permission to make and manage phone calls. The games and apps that held the malware didn’t only target an English audience, there were also fully localised Russian and Chinese versions.
This particular malware variant found in the apps and games in the AppGallery collected user data and also displayed ads. We can’t decide which is worse.
The data collected included the user’s phone number, device location based on GPS coordinates or mobile network data, WiFi access point data, mobile network settings and device technical specs.
Perhaps the worst part is that this trojan was found in around 190 Android games in the AppGallery, games that are usually downloaded by children. The games in question all ran as they should without any sign there was a problem. This led to a high download number as the games seemed reputable.
When all this news was shared with Huawei they promptly removed all 190 apps from the AppGallery. Let’s hope some progress is made in checking apps before they’re made available for children to download in the future.