Security News > 2021 > November > Over nine million Android devices infected by info-stealing trojan
A large-scale malware campaign on Huawei's AppGallery has led to approximately 9,300,000 installs of Android trojans masquerading as over 190 different apps.
Those who installed the apps on their devices will still have to remove them from their Android devices manually.
The threat actors hid their malware in Android apps pretending to be simulators, platformers, arcades, RTS strategy, and shooting games for Russian-speaking, Chinese, or international users.
Since it's impractical to compare your list of installed apps to the full list of 190 malicious apps, the more straightforward solution would be to run an AV tool that can detect Cynos trojans and their variants.
"The Android.Cynos.7.origin is one of the modifications of the Cynos program module. This module can be integrated into Android apps to monetize them. This platform has been known since at least 2014," explained Doctor Web malware analysts in their report.
In addition to the above, Cynos trojans can potentially download and install extra modules or apps, send premium service SMS, and intercept incoming SMS. As such, these apps can lead to unexpected charges from subscribing to premium services, and they can also drop even stealthier spyware payloads.