Another month, another Android malware discovery. Recently Check Point security research found that a new form of Android malware was able to evade Google Play’s built-in anti-malware protections and could have infected up to 4.2 million devices.
The new strain of malware – known as ExpensiveWall – was discovered and reported by Check Point early last month. It represent a new variant of the malware found earlier this year on Google Play, and according to researchers the entire malware family has been downloaded between 5.9 million and 21.1 million times.
Check Point said ExpensiveWall was “packed” inside wallpaper apps, which is why it managed to elude the Google Play Store’s anti-malware barriers. “Packing” is a well-known method used to encrypt malicious code within apps which allows them to go undetected by standard security solutions.
The affected apps will start asking for seemingly harmless permissions including SMS and internet access. If granted, the malware will then start sending out premium SMS messages and register the mobile device in question to premium services that don’t exist without the owner’s knowledge.
Even if Google was notified of the issue and worked to remove all the apps affected by the malware (after August 7), users who have installed any of these apps on their device remain at risk, so the solution is to manually remove them from their devices. A list of infected apps has been provided by Check Point.
Check Point notes that while Expensive Wall was created with the intent of creating profit, a similar malware could be used for far more sinister purposes like collecting personal content like pictures, recording or other sensitive data.
How can you stay protected against malware such as Expensive Wall? There’s no real bulletproof solution to this issue, but it would be helpful if you decided to stay away from shady/obscure apps and instead install only high-profile apps which have been positively reviewed by the Play Store community.