The government has warned that Android Malware Goldoson infected Google Play Apps and further advised to remain cautious while downloading/installing apps even from trusted sources and adopt best practices of always limiting app permissions, and checking developers’ legitimacy, and reviews.
The government has issued an advisory that reportedly, android malware named Goldoson has infiltrated the Google Play Store through 60 legitimate apps.
The malicious malware component is part of a third-party library being used by app developers. Goldson malware is capable of collecting data on mobile including app details, wirelessly connected devices, GPS location, etc.
It can also perform advertisement fraud by clicking ads without the user’s consent. A few infected apps are as follows:-
- Swipe Brick Breaker
- Bounce Brick Breaker
- Korea subway Info: Metroid etc
- GOM Player
- GOM Audio-Music, Sync lyrics
- Live Score, Real-Time Score
- Compass 9: Smart Compass
- Lotte World Magicpass
- Infinite Slice
- L.Point with L.Pay
- Money Manager Expense & Budget
The Advisory noted that although Google Play has blacklisted the above-mentioned apps, users are advised to manually check and remove these apps (if previously installed).
Users are also urged to remain cautious while downloading/installing apps even from trusted sources and adopt best practices of always limiting app permissions, and checking developers’ legitimacy and reviews.