'ExpensiveWall' Malware Charged Android Users for Bogus Services

21m fall victim to second Google Android malware attack

ExpensiveWall: Banking Trojan targets Android users with fake SMS messages

Google has had a hard time in making their app store clean from malicious apps.

Check Point notified Google about the threat last month, and it "promptly removed" the offending apps from the Play store.

"Most users grant these permissions without thinking, especially when installing an app from a trustworthy source such as Google Play", Check Point researchers Elena Root, Andrey Polkovnichenko and Bohdan Melnykov wrote.

More than 50 apps on Google Play Store were found to be malicious software that would send text messages with premium offers in order to charge people for services which turned out to be fake.

It is believed that a modified version of malware could steal even more of users' personal data. It involves sending premium SMS messages without the users' knowledge.

When the victims install the application, it requests a permission to access the internet and send and receive SMS messages.

If you were among those who downloaded one of these malicious apps, your device could still be at risk, Check Point warned. After that, the ExpensiveWall malware sends back to the C&C server handset information, including its location, MAC and IP addresses, IMSI, and IMEI numbers. Google's recently announced Play Protect should also be able to remove malicious apps from infected devices, but that might not happen on older versions of Android or on those where users have disabled Play Protect protection.

Apple Watch Series 3 will now get LTE speeds — Mobile backtracks
With the unique iPhone 8 price in India, the mobile phone handset is powered by A11 Bionic SoC six-core processors and better GPU. The tech giant also launched two more phones, iPhone 8 and iPhone 8 Plus, Apple SmartWatch, and the Apple TV.

Cape Town - If you have an Android handset, your cellphone is likely to have been affected by malware on Google Play Store.

Check Point said that applications containing the Android malware, dubbed ExpensiveWall, had been downloaded between 1.2 million and 4 million times.

"What makes ExpensiveWall different than its other family members is that it is "packed" - an advanced obfuscation technique used by malware developers to encrypt malicious code - allowing it to evade Google Play's built-in anti-malware protections", Check Point notes on its blog.

Google is apparently dealing with yet another Android malware outbreak.

Javvad Malik, security advocate at AlienVault, said: "With so much money being flushed into mobile phones and the technology that surrounds them, it's no surprise criminals are targeting their malware efforts in this direction".

"They also need to collaborate closer with security researchers, so that, like in this case, vulnerabilities and malicious app details can be shared quickly and pulled from stores accordingly", he added.

Latest News