Friday, April 25, 2025
HomeCyber Security NewsNew Android Malware on the Google Play Store with Over 3 Million...

New Android Malware on the Google Play Store with Over 3 Million Downloads

Published on

SIEM as a Service

Follow Us on Google News

A new Android malware called ‘Autolycos’ installed over 3 million times is surfing on the Google Play Store by secretly subscribing users to its premium services.

Maxime Ingrao, Security Researcher from Evina found the new android malware ‘Autolycos’, which is available on the Google Play store at present.

There are two applications that are still available on the google play store including ‘Funny Camera’ by KellyTech, which has over 500,000 installations, and ‘Razer Keyboard & Theme’ by rxcheldiolola, counts over 50,000 installs on the Play Store.

- Advertisement - Google News

As updated on 13th July, Google removed the two applications also from the Google Play Store.

Six Applications Removed From the Google Play Store

  • Vlog Star Video Editor (com.vlog.star.video.editor) – 1 million downloads
  • Creative 3D Launcher (app.launcher.creative3d) – 1 million downloads
  • Wow Beauty Camera (com.wowbeauty.camera) – 100,000 downloads
  • Gif Emoji Keyboard (com.gif.emoji.keyboard) – 100,000 downloads
  • Freeglow Camera 1.0.0 (com.glow.camera.open) – 5,000 downloads
  • Coco Camera v1.1 (com.toomore.cool.camera) –1,000 downloads

Experts warn that “Those who still have them installed risk being charged with costly subscriptions by the malware’s activities”. Users are asked to remove them from their endpoints using antivirus software or other malware-removing solutions.

The Working of Autolycos Malware

This new malware ‘Autolycos’ execute URLs on the remote browser including the result in HTTP requests instead of using Android Webview. Experts say this nature makes its activities unnoticed. Therefore it is not detected by users of compromised devices.

The malware group has promoted its apps to hack new users with several social media campaigns. The group also created various bot reviews which look legitimate to new users or users who are unaware of Autolycos’s activity.

Campaigns on Facebook (@IngraoMaxime)

Generally, the malicious applications requested permission to read SMS content upon installation on the device, allowing the apps to access a victim’s SMS text messages.

Therefore, experts advise the users to download software from verified sources however the App Store and the Play Store are not protected to assaults.

Android users should observe background internet data and battery consumption, keep Play Protect active, and try to reduce the number of apps they install on their smartphones.

Users should persistently be cautious with their devices, keeping them up to date, installing an antivirus solution, and using firewalls to monitor incoming and outgoing data.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Chrome UAF Process Vulnerabilities Actively Exploited

Security researchers have revealed that two critical use-after-free (UAF) vulnerabilities in Google Chrome’s Browser...

Microsoft Defender XDR False Positive Leaked Massive 1,700+ Sensitive Documents to Publish

An alarming data leak involving Microsoft Defender XDR has exposed more than 1,700 sensitive...

‘SessionShark’ – A New Toolkit Bypasses Microsoft Office 365 MFA Security

Security researchers have uncovered a new and sophisticated threat to Microsoft Office 365 users:...

Hackers Exploit MS-SQL Servers to Deploy Ammyy Admin for Remote Access

A sophisticated cyberattack campaign has surfaced, targeting poorly managed Microsoft SQL (MS-SQL) servers to...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Chrome UAF Process Vulnerabilities Actively Exploited

Security researchers have revealed that two critical use-after-free (UAF) vulnerabilities in Google Chrome’s Browser...

Microsoft Defender XDR False Positive Leaked Massive 1,700+ Sensitive Documents to Publish

An alarming data leak involving Microsoft Defender XDR has exposed more than 1,700 sensitive...

‘SessionShark’ – A New Toolkit Bypasses Microsoft Office 365 MFA Security

Security researchers have uncovered a new and sophisticated threat to Microsoft Office 365 users:...