Researchers identified eight malicious Android apps, mostly camera utilities, and children’s games, that were spreading a new data-stealing malware strain that also signs victims up for expensive premium services. The malware, named Haken, was found in apps is in the Google Play marketplace. Since it was discovered, victims have claimed that the malware signs them up for premium subscription services without permission and covertly. The eight apps have since been removed from the Play Marketplace, however, they had already been downloaded 50,000 times collectively. The apps functioned as advertised in the app description, performed an array of malicious functions behind the scenes.
The Haken malware has been deemed “clicker” malware, meaning that it mimics the user and is able to click on anything that appears on the device’s screen. This allows the malware to impact the victim in two primary ways. First, the downloaded apps are able to sign users up for subscription services, costing them money. Second, the malware has the ability to access sensitive information on the mobile screen, including everything from work emails to messaging app conversations.
Read More: New ‘Haken’ Malware Found On Eight Apps In Google Play Store