You are using an older browser version. Please use a supported version for the best MSN experience.

Huawei's App Gallery hosted malicious apps installed by millions of Android users

TechRadar logo TechRadar 11/24/2021 Mayank Sharma
a circuit board: Trojan © Provided by TechRadar Trojan

Malware analysts discovered a dangerous information stealer trojan inside hundreds of Android apps on Huawei's AppGallery that have collectively clocked over 9 million downloads.

Discovered by cybersecurity sleuths at Dr. Web, the trojan is a variant of the Cynos malware, called Android.Cynos.7.origin that’s designed to collect sensitive user data. 

“The apps that contain the Android.Cynos.7.origin ask users for permission to make and manage phone calls. That allows the trojan to gain access to certain data,” explain the researchers.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

Interestingly, besides English users, some of the games targeted Russian, and Chinese audiences and were fully localized in these languages. 

Information stealer

The researchers add that the trojan can be integrated into Android apps and employ all kinds of techniques to monetize them at the expense of the downloader. However, the variant found inside the apps in AppGallery collects information about the users and their devices, and displays ads.

“At first glance, a mobile phone number leak may seem like an insignificant problem. Yet in reality, it can seriously harm users, especially given the fact that children are the games’ main target audience,” warn the researchers.

In addition to their phone numbers, the trojan also gathered device location based on GPS coordinates or the mobile network and WiFi access point data, several mobile network parameters, such as the network code and mobile country code, and a lot more.

The researchers found the trojan inside 190 different Android gaming apps, including simulators, arcade games, shooters, and more, all of which worked as advertised, leading to the high number of downloads.

The researchers shared their discovery with Huawei, who promptly removed all the 190 malicious apps. 

Scan your devices with these best Android antivirus apps, and protect yourself online with these best identity theft protection services

AdChoices
AdChoices

More from TechRadar

image beaconimage beaconimage beacon