Tech
McAfee Discovered Goldoson In 60 Android Apps Downloaded Over 100M Times
McAfee – Malicious software continues to evade Google’s security measures to keep them off its Play Store.
The most recent ad-clicker stole privacy was discovered in 60 apps with over 100 million downloads.
The mobile research team at McAfee came across a third-party software library called Goldoson that captures private data and engages in ad fraud.
However, the programmers who utilized Goldoson were unaware that they were incorporating harmful spyware into their applications.
After being installed, Goldson can gather information on the apps that are now running on a device, a history of WiFi and Bluetooth connections, and local GPS locations.
The malware’s ability to commit fraud by clicking on advertising in the background without the user’s knowledge is perhaps its most cunning feature.
This is accomplished by the library loading HTML code and injecting it into a customised, hidden WebView, utilising it to visit several URLs and make ad income without the user knowing.
McAfee found that Goldoson collect sensitive information from around 10% of installed apps
According to McAfee, once a Goldoson-using software is loaded, the library registers the device and receives its remote configurations concurrently with the app’s execution.
Each application uses a different library name, and the remote server domain is obscured.
L.Point with L.Pay, Swipe Brick Breaker, Money Manager Expense & Budget, GOM Player, Live Score, GOM Audio, and Compass 9 are among of the affected applications with the most downloads.
Over 100 million people downloaded these apps from the Google Play shop, but only over 8 million did so via the ONE shop, Korea’s top app store. View a list of all the affected apps here.
The good news is that users of devices running Android 11 and higher are more shielded against apps that try to collect data from other programmes that are installed on a device.
However, McAfee discovered that Goldoson was still able to gather private data from about 10% of installed programmes on the most recent version of the operating system.
How many permissions a user allows the app after installation determines how much data is gathered.
McAfee reported the infringing apps to Google, which then told the creators that their applications needed to be fixed since they had broken Google Play rules.
The Play Store eliminated the apps of those who didn’t respond in time, while the developers upgraded the ones that remained. Any user who has one of these programmes installed should upgrade it to the most recent version.
RELATED CTN NEWS:
Download CX File Explorer APK On Your Android Device [Version 1.9.8]
Nvidia Launched RTX Remix Runtime To Download Now For Free On GitHub
Wifi 7 vs Wifi 6 – Key Differences Between The Latest Wireless Technology
