Savvies, the researcher Maxime Ingrao was the first to highlight this new group of malware. Ingrao dubbed it “Autolycos,” and claimed at least eight Android apps packaged the new malware for unsuspecting victims to download. The worst part? Android users have downloaded those eight apps over three million times collectively, meaning Autolycos found its way onto millions of devices.
While Autolycos may be present in other apps, these are the eight titles Ingrao confirmed to be hiding the malware. They’re listed here in descending order of the number of downloads they reached before being removed from the Play Store:
Delete these apps, if you still have them
Vlog Star Video Editor: 1 million downloads
Creative 3D Launcher: 1 million downloads
Funny Camera: 500,000 downloads
Razer Keyboard & Theme: 500,000 downloads
Wow Beauty Camera: 100,000 downloads
Gif Emoji Keyboard: 100,000 downloads
Freeglow Camera 1.0.0: 5,000 downloads
Coco Camera v1.1: 1,000 downloads
How to protect yourself from Autolycos and other malware apps
First and foremost, take a good look at the list of apps above. If you installed any on your Android device, delete them now. While none are currently available for download, their removal from the Play Store doesn’t affect apps already installed on devices.
Going forward, rigorously investigate apps on the Play Store before downloading them to your phone. Take a look at the name of the app, the preview images, and the description: Does everything make sense for the type of app its purporting to be? Descriptions should be clear and well-written, and images should be high-quality and show off basic features advertised.
Scan reviews: If you notice a lot of bad reviews, skip the app. However, notice how positive reviews are written, as well. If the five star reviews are all poorly worded, or seem to miss the point of the app in general, that’s a sign they are bot-generated reviews meant to inflate the rating of a malicious or junk app.
Most importantly, check the permissions the app will be requesting upon installation. A video editor, for example, has no business asking for permission to read your SMSs, while a theme app should not have access to your location or health data. If you notice too many permissions on the list, especially when those permissions don’t match the app’s purpose, avoid it.
Paid is the word I cannot afford
I already said subscribed and how can I see your post