Great Moto G Stylus deal on Amazon!
PhoneArena unveils the ultimate collector’s book for phone enthusiasts
PhoneArena unveils the ultimate collector’s book for phone enthusiasts

190 Android apps with trojan malware were installed 9.3 million times

By
10comments
Android Apps Games Google Huawei
190 Android apps with trojan malware were installed 9.3 million times
UPDATE: Huawei has issued a statement about this article and it says, "AppGallery’s built-in security system swiftly identified the potential risk within these apps. We are now actively working with affected developers to troubleshoot their apps. Once we can confirm that the apps are all clear, they will be re-listed on AppGallery so consumers can download their favourite apps again and continue enjoying them."

"Protecting network security and user privacy is Huawei's priority. We welcome all third-party oversight and feedback to ensure we deliver on this commitment. We will continue to collaborate closely with our partners, and at the same time, employ the most advanced and innovative technologies to safeguard our users’ privacy."

Protecting network security and user privacy is Huawei's priority. We welcome all third-party oversight and feedback to ensure we deliver on this commitment. We will continue to collaborate closely with our partners, and at the same time, employ the most advanced and innovative technologies to safeguard our users’ privacy.”

Trojans (besides the definition that you might be more familiar with) is an app that hides its true purpose by masquerading as a regular app. But once the app is installed it unleashes malware that infects the phone allowing a bad actor to steal personal data and even take control of the device. According to a fresh report, researchers at Dr. Web Anti-virus discovered a large malware attack on Huawei's App Gallery app storefront that led victims to unwittingly install dangerous malware on their phones.

The 190 infected Android trojan apps were installed approximately 190 million times


The 190 infected Android trojan apps were installed approximately 9.3 million times. Dr. Web says that the malware has been identified as 'Android.Cynos.7.origin' and is believed to be a modified version of the Cynos malware that is used to collect personal data from victims' handsets. The researchers ended up alerting  Huawei about the trojans and Huawei deleted them from the App Gallery.

Now here's the thing. Even though Huawei removed the infected  apps from the App Gallery, if you installed  any of them on your phone, it can still be a major problem making your data vulnerable to getting stolen. The three infected apps with the largest number of installs include:
 
  • Hurry up and hide – 2,000,000
  • Cat adventures – 427,000
  • Drive school simulator – 142,000
If you have any of these apps residing on your Huawei phone, uninstall them ASAP. You can check out the names of all 190 infected apps by tapping on this link.  The infected apps can spy on SMS messages, and according to the report from Dr. Web, "The Android.Cynos.7.origin is one of the modifications of the Cynos program module. This module can be integrated into Android apps to monetize them. This platform has been known since at least 2014."

These trojan apps can collect user's personal data and information about their device and send it to a remote server


The report adds that some of the versions of the malware have aggressive functionality. "They send premium SMS, intercept incoming SMS, download and launch extra modules, and download and install other apps." It obviously is not good to have any of these apps installed on your phone. The version of the trojan found in Huawei's App Gallery collects personal information about the user and his device and displays ads.

As the report notes, right off the bat, you can sense that something is not right since the app asks for permissions usually not associated with a gaming app such as the ability to make and manage phone calls. This gives the trojan the possibility to access certain information.

Once permission is granted, the app sends certain information to a remote server including the user's phone number, the device location, some of the specs belonging to the user's device, and according to the report, "Various mobile network parameters, such as the network code and mobile country code; also, GSM cell ID and international GSM location area code."

The infected apps have already been removed from Huawei's App Gallery app store


Dr. Web explains the problem with trojan malware apps targeting children. "At first glance, a mobile phone number leak may seem like an insignificant problem. Yet in reality, it can seriously harm users, especially given the fact that children are the games’ main target audience."
The research site adds that "Even if the mobile phone number is registered to an adult, downloading a child’s game may highly likely indicate that the child is the one who actually is using the mobile phone. It is very doubtful that parents would want the above data about the phone to be transferred not only to unknown foreign servers but to anyone else in general."
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.jpg
Alan Friedman Mobile Tech News Journalist
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.

Popular stories

T-Mobile may raise 'older rate' plan prices in June
T-Mobile may raise 'older rate' plan prices in June
T-Mobile celebrating Mint purchase with new and upgraded perks for customers
T-Mobile celebrating Mint purchase with new and upgraded perks for customers
Meta rubs salt in Apple Vision Pro wounds – the Android of AR/VR is here, and I'm super excited
Meta rubs salt in Apple Vision Pro wounds – the Android of AR/VR is here, and I'm super excited
4 billion Android users who downloaded apps flagged by Microsoft need to take some actions to stay safe
4 billion Android users who downloaded apps flagged by Microsoft need to take some actions to stay safe
Grab the JBL Xtreme 3 at its Black Friday price on Amazon and enjoy blasting tunes on the cheap
Grab the JBL Xtreme 3 at its Black Friday price on Amazon and enjoy blasting tunes on the cheap
T-Mobile, Verizon, and AT&T fined heavily for selling access to real-time customer location data
T-Mobile, Verizon, and AT&T fined heavily for selling access to real-time customer location data
Loading Comments...

Latest News

6G data speeds hit 100Gbps in test, 500 times faster than average 5G data speeds
6G data speeds hit 100Gbps in test, 500 times faster than average 5G data speeds
Patent application could indicate that Apple is working on a foldable iPhone
Patent application could indicate that Apple is working on a foldable iPhone
Check the list to see if your OnePlus device is eligible to receive OxygenOS 15
Check the list to see if your OnePlus device is eligible to receive OxygenOS 15
Bye AMD? Samsung reportedly plans to use in-house GPU starting with Exynos 2600 SoC
Bye AMD? Samsung reportedly plans to use in-house GPU starting with Exynos 2600 SoC
Under-screen Face ID for iPhone reportedly delayed (again)
Under-screen Face ID for iPhone reportedly delayed (again)
Mystery premium segment U.S smartphone will be powered by flagship MediaTek chipset
Mystery premium segment U.S smartphone will be powered by flagship MediaTek chipset
FCC OKs Cingular\'s purchase of AT&T Wireless