A collection of Android games from Huawei’s App Gallery for Android are trying to get access permission from users. Doctor Web reports 190 trojan-filled games are spreading across the Android landscape on Huawei Android, the fork of the platform created by the Chinese company following Google ending official support.
According to the report, more than 9.3 million Android users have installed at least one of the infected games. Doctor Web researchers believe the games are set up to attract as many users as possible and then take user details like device data and phone numbers.
With this information, the threat actors can target ads towards the users, making this a particularly dangerous example of adware. All the apps are real games users can play. They are enticing titles aimed at children and cover genres like strategy, arcade, simulators, platformers, and shooters.
It seems most the games are targeting Russian and Chinese users because they have names in both languages. One Chinese game known as “Hurry Up and Hide” (快点躲起来) has been installed over 2 million times.
You can see the full list of 190 malware-rigged applications here.
Researchers call the new trojan being used Android.Cynos.7.origin. As the name suggests, it is a modification to the Cynos malware. This is a well-known module that has been seen before infecting Android apps.
Once a game is downloaded, it will ask the user for permission to take control of phone calls. “That allows the trojan to gain access to certain data,” Doctor Web says. Once given permission, the torjan infiltrates the device and takes the following information:
- “User mobile phone number
- Device location based on GPS coordinates or the mobile network and Wi-Fi access point data (when the application has permission to access location)
- Various mobile network parameters, such as the network code and mobile country code; also, GSM cell ID and international GSM location area code (when the application has permission to access location)
- Various technical specs of the device
- Various parameters from the trojanized app’s metadata”
Tip of the day: Do you often experience PC freezes or crashs with Blue Screens of Death (BSOD)? Then you should use Windows Memory Diagnostic to test your computers RAM for any problems that might be caused from damaged memory modules. It is a tool built which can be launched at startup to run various memory checks.