Goldoson Malware Strikes Again: Infecting Android Apps on the Google Play Store

Posted: April 22, 2023

Categories: Security, Malware Alerts, Phishing

Tags: malware, goldoson malware

Author: Npav Lab

Goldoson Malware Strikes Again: Infecting Android Apps on the Google Play Store

Recently, it was reported that Goldoson malware has infected 60 apps on the Google Play Store, which have been downloaded over 100 million times. This is a concerning development for Android users as it highlights the vulnerability of the Google Play Store and the need for users to be vigilant when downloading apps.

The affected apps include a range of popular categories, such as photography, wallpaper, gaming, and productivity apps. The malicious apps were found to have code that allows the Joker malware to download and execute additional components, which in turn subscribe the user to premium services.

Here are some infected Android apps from the google play store

Goldoson displays unwanted ads on the victim's device, which can be annoying and disruptive. However, the adware also collects sensitive information such as the user's location, device information, and browsing history.

It also engages in click fraud, which involves generating fake clicks on ads to increase revenue for the attacker. This can result in financial losses for the advertisers and can also drain the victim's device battery and data.

Goldson also has the ability to intercept and send SMS messages, which can be used to bypass two-factor authentication systems that rely on SMS messages for verification. This means that even if the victim has set up two-factor authentication for their banking app, Goldson can still access their account.

To avoid detection, Goldson can hide itself from the device's app drawer and notification bar, making it difficult for users to identify that their device has been compromised. It can also communicate with its command and control (C&C) server using encrypted channels, which makes it difficult for security researchers to monitor and analyze its activity.

To protect against Goldson and other similar malware, Android users should follow best practices for mobile security, such as downloading apps only from trusted sources like the Google Play Store, keeping their devices up-to-date with the latest security patches, and being cautious of suspicious messages or requests for sensitive information. They should also consider using mobile security software to detect and remove malware from their devices.

Sharing is caring!
Share

Tweet LinkedIn

← Previous Next →

Comment(s)