A cyberattack has infected various popular apps, with malware that has the ability to perform actions on phones without the consent of their owners.
Malware named Goldoson has recently been detected in around 60 legitimate apps from the Google Play Store, accumulating over 100 million downloads. This virus was hiding in a third-party library, a component used by developers to optimize application creation.
The threat, disclosed by researchers from security firm McAfee, is capable of collecting data on installed apps, historical Wi-Fi, Bluetooth device information and GPS locations.
Affected apps also abuse ad fraud by running ads in the background without users’ consent.
Google has been informed of these findings and has, in turn, notified developers of apps in violation of Play Store policies, asking them to update their apps to remain available. According to McAfee, some of the programs have been removed, while others have been updated.
Here is the list of apps affected by the malware and their status on the Google Play Store (removed or updated):
