At least 9.3 million Android devices have been infected by a new class of malware that disguises itself as dozens of arcade, shooter, and strategy games on Huawei’s AppGallery marketplace to steal device information and victims’ mobile phone numbers.
The mobile campaign was disclosed by researchers from Doctor Web, who classified the trojan as “Android.Cynos.7.origin,” owing to the fact that the malware is a modified version of the Cynos malware. Of the total 190 rogue games identified, some were designed to target Russian-speaking users, while others were aimed at Chinese or international audiences.
Once installed, the apps prompted the victims for permission to make and manage phone calls, using the access to harvest their phone numbers along with other device information such as geolocation, mobile network parameters, and system metadata.
“At first glance, a mobile phone number leak may seem like an insignificant problem. Yet in reality, it can seriously harm users, especially given the fact that children are the games’ main target audience,” Doctor Web researchers said.
images from Hacker News