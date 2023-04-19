



An investigation by McAfee’s team revealed that a new Android malware dubbed Goldoson attacked the Google Play Store and infected 60 different apps. With over 100 million total app downloads, all Android users should now be extra cautious. Here’s what we know so far.

Which apps were affected?

These apps were affected because the app authors unknowingly used third-party libraries that were infected with malware. Affected apps include:

L.POINT with L.PAY – 10 million downloadsSwipe Brick Breaker – 10 million downloadsMoney Manager Expense & Budget – 10 million downloadsGOM Player – 5 million downloadsLIVE Score, Real-Time Score – 5 million downloadsPikicast – 5 million downloadsCompass 9: Smart Compass – 1 million downloads GOM Audio – Music, Sync Lyrics – 1 million downloads LOTTE WORLD Magicpass – 1 million downloads Bounce Brick Breaker – 1 million downloads Infinite Slice – 1 million downloads SomNote – Beautiful Note App – 1 million downloads Korea Subway Info: Metroid – To get a list of all 1 million downloads, there are 60 apps, whether they’ve been removed or not, you’ll have access to McAfee’s investigative report.

What does Goldoson malware do?

Goldoson has many functions, some of which include collecting data about installed apps, WiFi, Bluetooth connected devices, and your GPS location. It also causes ad fraud as it allows users to click on ads in the background without their knowledge.

When an Android user launches a Goldoson-infected app, a third-party library registers the device and retrieves its configuration from a remote server with compromised domains. This configuration includes guidelines that dictate which data-stealing and ad-clicking features Goldoson should pursue and how often they should be pursued. This data collection feature activates every two days of him and resends various information to our servers, including installed apps, geographic location history, and more.

Even the latest Android models with the latest software were affected as Goldoson had sufficient privileges to collect sensitive data on 10% of the apps within these models.

Is the app still active?

Developers of all affected apps were notified immediately. Some companies were unable to respond effectively and had to remove their apps entirely from the Google Play store. Those who responded quickly had to wipe the app and remove third-party libraries, including Goldoson.

What if one of these apps is on your phone?

Remove app immediately

The best thing to do if you have any of these apps on your phone is to remove them immediately. Google says it’s enough to give these apps the latest updates, but Goldoson is still present in his Android app store in a third party, where you can find your way back to your device from your smartphone. We recommend deleting the app.

Download apps from trusted sources

Never download apps from third-party sources and only download well-rated apps directly from the Google Play Store (or Apple Store if you have an iPhone).

Install good antivirus software on all your devices

Antivirus software prevents these harmful apps from installing malware on your device. It not only removes existing malware from your device, but also prevents you from clicking on malware-installing links in sneaky emails and texts.

Visit CyberGuy.com/LockUpYourTech for my expert reviews of the best antivirus protection for Windows, Mac, Android, and iOS devices.

final thoughts

In light of the recent Goldoson malware attack on the Google Play Store, if you have an Android smartphone, be careful when downloading apps and run antivirus software on all your devices to protect against future threats. It is important to keep the . .

