ExpensiveWall Android Malware Slips Past Google Play Filters

Pablo Tucker
September 17, 2017

Google's efforts to keep its mobile app store free of malware-laden applications appears to be very much a work in progress considering the recent success cyber-criminals have had uploading rogue software to it.

Check Point notified Google about the threat last month, and it "promptly removed" the offending apps from the Play store.

The Check Point researchers found the ExpensiveWall malware in the Lovely Wallpaper application.

ExpensiveWall is said to be a new variant of the malware Trojanized Photo App found earlier this year on Google Play that used to subscribe users to premium services without their knowledge and send fraudulent SMS messages, charging the accounts for the services.The entire malware family has now been downloaded between 5.9 million and 21.1 million times.

The ExpensiveWall malware registers victims to premium services without their knowledge and sends fraudulent premium SMS messages, charging their accounts for fake services.

It can steal sensitive data and collect information such as the location of a victim using the malware-hit device and its IP address.

A few of the apps which were infected with malware are "Lovely Wallpaper", "I Love Filter", "Tool Box Pro,"Horoscope", "Beautiful Camera", "DIY Your Screen", "Wifi Booster", a lot of them being related to either Camera, Photos, Weather, Wallpapers, and Lock Apps". Before being removed it was already downloaded up to 10,000 times.

RESEARCH FROM SECURITY FIRM Check Point has found more evidence of dratted malware for Android, and this time it's a real blighter called "ExpensiveWall".

ExpensiveWall achieved go undeceted by Google's security procedures by using a technique known as packing, which involves adding malicious code to the infected apps.

Security researchers have revealed that at least 50 apps available from Google's Play Store were housing malware that secretly ran up fees for users.

If you were among those who downloaded one of these malicious apps, your device could still be at risk, Check Point warned. These apps are able to manoeuvre through Google's malware protection, and get listed on Google Play, and even get millions of downloads. The malware can easily be tweaked to carry out more unsafe tasks such as stealing data from the victim's phone or to spy on them. However, you should also remove the app from your device at your end.

Other reports by iNewsToday