Science

ExpensiveWall is the Latest Type of Malware Spotted in the Play Store

ExpensiveWall is the Latest Type of Malware Spotted in the Play Store

These apps are able to manoeuvre through Google's malware protection, and get listed on Google Play, and even get millions of downloads.

Check Point notified Google about the threat last month, and it "promptly removed" the offending apps from the Play store.

At least 50 apps that Android users have downloaded about 4 million times, was hacked by a new form of malware that used the method of "packing" is the compression code by using the encryption that allows it to evade security filters Google.

To oversimplify the process: apps with ExpensiveWall request internet and SMS permissions, connect to a remote server at regular intervals, and run what is sent to it by the server in an embedded WebView.

The malware known as ExpensiveWall, which has affected apps that have been downloaded by millions of users, uses excessive permissions to sign users up for premium services without their knowledge.

In fact, the ExpensiveWall malware is not completely new to security researchers.

The ExpensiveWall malware registers victims to premium services without their knowledge and sends fraudulent premium SMS messages, charging their accounts for fake services.

Five Dead at Hollywood Nursing Home Left Without Power After Irma
While the causes of their deaths were not immediately clear, the entire facility was evacuated due to the cooling issues. Five people are dead at a Florida nursing home after the building's air-conditioning broke during Hurricane Irma .

"While ExpensiveWall is now designed only to generate profit from its victims, a similar malware could be easily modified to use the same infrastructure in order to capture pictures, record audio, and even steal sensitive data and send the data to a command and control (C&C) server", added the firm in case we weren't anxious enough.

Unlike the previously discovered version, this strain of malware uses so-called "packing", an advanced obfuscation technique created to bypass Google's built-in security filters. In contrast to the majority of malware detected in Google Play, this "directly causes harm to users" and emptied their accounts.

Altogether, the malware family could have been downloaded over 21 million times.

According to the experts, Google has missed some warnings about the malware infection published by users who have downloaded the applications.

ExpensiveWall takes its name from one of the poisoned apps that it uses to spread itself.

The problem is that such incidents are becoming more and more frequent these days. With the number of Assistant apps growing, or at least changing, it may be time that Google look at introducing an assistant section to the Play Store. You can also navigate to it via the hamburger menu in the Home App and then the Explore tab.