Google removed apps that shared malicious library

Google withdrew nearly 60 applications from its digital Play Store, which together had more than one hundred million downloads, for sharing a library of malicious software capable of collecting data from infected computers, such as the list of installed apps or location history.

Goldoson is the name that McAfee researchers gave to the software library that had infected 60 legitimate applications from the Google store. The technology company, after the notice, removed a large part of them, although some are still available after the developers offered an update that eliminated the threat.

These applications, once installed on an Android smartphone, contacted a remote server domain for the installation of configurations that for the operation of specific parameters, with which they collected information from the devices, as detailed from McAfee, in the official blog.

The most common actions they performed were loading malicious ads, collecting data (list of installed apps, location history, Bluetooth and WiFi addresses, etc.) and periodically sending them to the remote server. When these data are combined, “they allow the identification of individuals,” they say from the cybersecurity company.

In order to access this data, around 10 % of the applications had the relevant permission for its collection, which Google Play requires, understanding that it is sensitive data. The rest found difficulties on computers that had the Android 11 system or a higher version installed.

K. Tovar

Source: 20minutos

(Reference image source: file)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram