White Hat Institute

Huawei’s AppGallery running malware apps

Huawei’s AppGallery
(This image was retrieved from vybe.ch)

Huawei’s AppGallery has almost 9 million Android phones running malware apps

About 9.3 million Android phones have been compromised with a new type of malware that masquerades as numerous arcade, action, and strategy games on Huawei’s AppGallery store in order to gather user data and users’ telephone numbers.

Analysts at Doctor Web discovered the mobile attack and classed the trojan as “Android.Cynos.7.origin,” simply due to the fact that it is a modified variant of the Cynos malware. Some of the 190 rogue games discovered were made for Russian-speaking players, while others were made for Chinese or international audiences.

The malicious applications asked the users for permission to make and control phone calls once they were installed and then used that authority to capture their telephone number as well as other device information like geolocation, mobile network characteristics, and system metadata.

According to researchers at Doctor Web: “A mobile phone number leak may appear to be a minor issue at first glance. However, given that youngsters are the primary target audience for the games, it can cause substantial harm to users. Even though an adult’s phone number is registered, installing a child’s game indicates that the youngster is the one who uses the device. Parents are unlikely to really want their children’s phone data to be sent not only to unknown overseas servers but to anyone else in particular.”

While the spyware apps have already been removed from app stores, consumers who have downloaded them on their smartphones will need to delete them manually to avoid further exploitation.