Huawei’s AppGallery has been targeted in a new massive malware campaign. Almost 9,300,000 Android trojans installs were performed posing as 190 various applications. Dr.Web AV’s researchers made this discovery and attributed the ‘Android.Cynos.7.origin’ label to this recent data-stealing malware. Apparently, it is a different Cynos malware variant. The goal of this new malware is to perform sensitive user info gathering.
Doctor Web malware analysts discovered dozens of games on the AppGallery catalog that have an Android.Cynos.7.origin trojan built into them. This trojan is designed to collect users’ mobile phone numbers. At least 9.300.000 Android device owners have installed these dangerous games.
The New Data Stealing Malware: How It Works
According to Dr. Web’s experts’ report, the hackers behind this managed to hide the data-stealing malware inside Android applications. These apps were posing as games of shooting, platformers, arcades, simulators, and RTS strategy intended for international users or Chinese and Russian-speaking ones.
The newly discovered data-stealing malware is thought to be another version of the trojan dubbed Cynos and can be the author of a series of malicious activities. These could include SMS text spying and various payloads downloading and deployment.
The researchers also underline that this new malware version focuses