



If you’re an Android user, you’ve been warned against using 36 apps that may compromise your privacy and security. These rogue apps can steal your banking details and other important information. The Google Play Store has launched a crackdown and banned 36 of these apps. McAfee informs us about the app in a blog post: “Infected applications are available from various Android application stores, with over 100 million downloads tracked through Google Play, followed by ONE store, South Korea’s leading app store. 8 million installs.”

According to the blog post, McAfee’s mobile research team discovered a software library named Goldoson. It collects a list of installed applications and history of Wi-Fi and Bluetooth device information, including nearby GPS locations. Additionally, the library has the ability to perform ad fraud by clicking ads in the background without user consent.

“Our research team found over 60 applications containing this third-party malicious library, with over 100 million downloads on the South Korean ONE store and Google Play app download market. Although the library was created by someone else, the app installer remains a risk for app developers,” the post added.

McAfee also reported the discovered apps to Google, and Google took prompt action. Google reportedly notified the developer that the app violated Google Play policies and required a fix to be compliant. 36 apps have been removed from Google Play Store, while others have been updated by their official developers. There are over 60 apps, 27 apps have been updated, and 36 other apps have been removed from the Play Store by Google. If you downloaded these 36 apps, delete them now.

You can check the list of apps under the banner here: List of apps and current status

Google Play considers the list of installed apps to be personal and sensitive user data and requires a special declaration of permission to obtain it. Android 11+ users are better protected from apps that try to harvest all installed apps. “But we found that even on the latest version of his Android, about 10% of apps using Goldoson have his QUERY_ALL_PACKAGES permission, which allows access to app information,” he said. .

Similarly, on Android 6.0 and higher, the user may be prompted for permissions such as location, storage, and camera at runtime. If the user allows the location permission, the app can access not only her GPS data, but also her nearby Wi-Fi and Bluetooth device information.

