9.1 C
Qādiān
Sunday, February 9, 2025

Reshaping Perspectives and Catalyzing Diplomatic Evolution

Android malware can infect 60 Google Play apps

San Francisco: A new Android malware named Goldoson has entered Google Play, which has been detected in 60 apps with 100 million downloads. As BleepingComputer reports, the malicious malware component has been integrated into a third-party library that developers inadvertently included in all sixty apps. The Endyou malware, discovered by the research team, is capable of collecting a range of sensitive data, including information on a user’s installed apps, Wi-Fi and Bluetooth connected devices, and GPS locations.

Additionally it can commit ad fraud by clicking on ads in the background without the user’s consent When a user runs an app containing GoldoSon, the library registers the device and receives its configuration from a spoofed remote server. The setup specifies how and how often Goldoson should perform the data-stealing and ad-clicking functions on the infected device.

Furthermore, the report states that the data collection mechanism is usually set to activate every two days, collecting the list of installed apps, geolocation history, MAC addresses of devices connected via Bluetooth and WiFi, and Transmits other information to the C2 server. The amount of data collected is determined by the permissions granted to the infected app during installation as well as the Android version.

Although Android 11 onwards are better protected against arbitrary data collection. The researchers found that Goldoson had sufficient rights to acquire sensitive data in 10 percent of apps, even in newer versions of the OS, as noted in the report. Ad revenue is generated by loading HTML code and sending it to a customized, hidden By injecting into webview and then using it multiple url visits are generated to execute.

There is no indication of this action on the victim’s device. In January, Google’s Threat Analysis Group terminated thousands of accounts linked to a group called DragonBridge, or Spamoflaze Dragon, that disseminated pro-Chinese disinformation on various platforms. According to the tech giant, DragonBridge gets new Google accounts from wholesale account sellers, and has sometimes even used accounts previously used by financially motivated actors to post misinformation videos and blogs.

Read the Latest India News Today on The Eastern Herald.

More

How Online Casino Games in Eastern Countries & the US Differ

Gambling has been a staple of cultures around the...

BRICS strengthens economic independence by moving away from US dollar

Russia and Iran have officially announced that 96% of...
Follow The Eastern Herald on Google News. Show your support if you like our work.

Author

News Room
News Room
The Eastern Herald’s Editorial Board validates, writes, and publishes the stories under this byline. That includes editorials, news stories, letters to the editor, and multimedia features on easternherald.com.

Editor's Picks

Trending Stories

Laurita Fernandez poses totally nude on her back in her Instagram

Laurita Fernandez is one of the most talented dancers...

Israel on high alert for potential Tsunami following Santorini earthquakes

Israeli authorities have issued precautionary measures following a series...

Prostitution in Dubai: Understanding the Dark Side of the City

Dubai, a city celebrated for its lavish shopping experiences,...