[TheRecord] More than 9 million smartphones infected with Cynos malware

Chinese smartphone vendor Huawei has temporarily removed 190 Android games from its official AppGallery app store after it received a report from Russian security firm Dr.Web that the apps contained an overly aggressive monetization library that was collecting extensive details from users’ devices.

Huawei said it is now working with the app developers to investigate if the data collection has been taking place behind their backs and find replacement monetization libraries.

More than 9.3 million users have installed one of these 190 Android games, according to download stats listed on the AppGallery store.

“Some of these games target Russian-speaking users: they have Russian localization, titles, and descriptions. Others target Chinese or international audiences,” Dr.Web said in a report this week.

The company said it has been tracking this threat under the Cynos malware definition since March this year.

According to its investigation, the malicious Cynos library had been observed collected extensive information from devices where its parent apps were installed, such as:

Phone numbersGeo-location dataWiFi network detailsMobile network parameters and identifiersPhone hardware and software specs

“At first glance, a mobile phone number leak may seem like an insignificant problem. Yet, in reality, it can seriously harm users, especially given the fact that children are the games’ main target audience,” Dr.Web researchers explained.

While the games were removed from the official app store, they are still installed on users’ devices, and users will need to manually uninstall them.

A list of all the games that Dr.Web classified as infected with a version of the Cynos malware is available here.

While most security experts focus on Android malware strains that contain spyware-like behavior, the reality is that most Android threats are focused on extensive personal data collection and ad fraud. This might not defraud users, but it defrauds advertisers and also indirectly fuels the data trading underground, where user details are often compiled and sold without users’ permission.

The post More than 9 million smartphones infected with Cynos malware appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[ThreatPost] Transnational Fraud Ring Bilks U.S. Military Service Members Out of Millions

All posts, ThreatPost

A former medical records tech stole PII that was then used to fraudulently claim DoD and VA benefits, particularly targeting disabled veterans. Source: Read More (Threatpost)

Read More

[ZDNet] Logitech Bolt: New wireless protocol provides added security for mice and keyboards

All posts, ZDNet

Logitech’s MX Master and Ergo ranges of keyboards and mice will get a business-focused upgrade with support for the company’s new Bolt wireless technology. Source: Read More (Latest topics for ZDNet in Security)

Read More

[ThreatPost] Windows 10 Admin Rights Gobbled by Razer Devices

All posts, ThreatPost

So much for Windows 10’s security: a zero-day in the device installer software grants admin rights just by plugging in a mouse or other compatible device. Source: Read More (Threatpost)

Read More