Security News > 2023 > April > Android malware infiltrates 60 Google Play apps with 100M installs
A new Android malware named 'Goldoson' has infiltrated Google Play through 60 legitimate apps that collectively have 100 million downloads.
The malicious malware component is part of a third-party library used by all sixty apps that the developers unknowingly added to their apps.
McAfee is a Google App Defense Alliance member that helps keep Google Play clean from malware/adware threats.
Many of the affected apps were cleaned by their developers, who removed the offending library, and those that didn't respond in time had their apps removed from Google Play for non-compliance with the store's policies.
Google confirmed the action to BleepingComputer, stating that the apps violated Google Play policies.
"The safety of users and developers are at the core of Google Play. When we find apps that violate our policies, we take appropriate action," Google told BleepingComputer.
News URL
Related news
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Fake Homebrew Google ads target Mac users with malware (source)
- Google blocked 2.36 million risky Android apps from Play Store in 2024 (source)
- Google Bans 158,000 Malicious Android App Developer Accounts in 2024 (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)