Research from the team at McAfee has just revealed that a new Android malware which has been named Goldoson has attacked the Google Play Store and infected 60 different apps. The apps collectively have over 100 million downloads, and now all Android users must be extra cautious. Here's what we know so far.
What apps have been affected?
These apps were affected because when they were being developed, their creators unknowingly used a third-party library that had already been infected with the malware. Some of the affected apps include:
HUNDREDS OF BANKING APPS AT RISK FROM THE NEW NEXUS ANDROID TROJAN
What does the Goldoson malware do?
Goldoson has many capabilities, some of which include collecting data on installed apps, WiFi, and Bluetooth-connected devices, and the user's GPS locations. It also can click ads in the background without the user knowing, which causes ad fraud.
Once an Android user launches an app that is infected with Goldoson, the third-party library will register the device and get its configuration from a remote server whose domain has been tampered with. That configuration contains guidelines that tell Goldoson what data-stealing and ad-clicking functions to pursue and how often to pursue them. This data collection function will activate every two days and will resend the server different information including installed apps, geographical location history, and more.
Even the most recent Android models with the most updated software were affected, as Goldoson had enough permissions to gather sensitive data in 10% of the apps within these models.
Are the apps still active?
The developers of all the affected apps were notified immediately. Some did not respond efficiently and therefore had to have their apps removed entirely from the Google Play Store. Those who did respond promptly had to clean out their apps and remove the third-party library that contained Goldoson.
What if I have one of these apps on my phone?
The best thing to do if you have one of these apps on your phone is to delete them immediately. Although Google has said that simply giving these apps their latest update would suffice, Goldoson still exists on third-party Android app stores and can still find its way back to your device. You're better off deleting the app from your phone.
FREE ANTIVIRUS: SHOULD YOU USE IT?
Keep in mind that you should never download an app from a third-party source and only download apps that are well-reviewed directly from the Google Play Store (or Apple Store for those who have iPhones).
Antivirus software will protect you from installing malware onto your devices from any of these harmful apps. It will also remove existing malware from your devices as well as prevent you from clicking on malware-installing links in sneaky emails and texts.
See my expert review of the best antivirus protection for your Windows, Mac, Android & iOS devices by heading to CyberGuy.com/LockUpYourTech .
Final thoughts
In light of the recent Goldoson malware attack on the Google Play Store, if you have an Android phone, you must be cautious when downloading apps and it is important to keep your antivirus software up and running on all of your devices to protect against future threats.
Have you installed these apps or other harmful apps onto your Android? Let us know at CyberGuy.com/Contact .
For more of my tips, subscribe to my free CyberGuy Report Newsletter by heading to CyberGuy.com/Newsletter .
Copyright 2023 CyberGuy.com. All rights reserved.
