This malicious code siphons the phone number and displays s. The Chinese giant has removed all 190 infected applications.
Dr.Web security researchers havetected a Trojan horse called Android.Cynos.7.origin in more than 190 video game applications referenced on Huawei AppGallery, the online store of the Chinese giant.
Among them, simulation games, arcade, strategy, shooting, etc. In total, these infected applications have totaled more than 9.3 million downloads, or as many victims.
Once installed, this malicious code siphons a lot of information, such as phone number, data from geolocation, mobile network parameters, technical specifications of the terminal and video game usage data. Subsequently, the malware displays s.
Also to discover in video:
But other hassles are also possible. THEhe Cynos platform, indeed, is well known to security researchers. Its modular architecture makes it easy to add malicious functionality. Certain copies detected in the past could thus send Premium SMS, intercept SMS, or even install other applications.
Huawei has since deleted the 190 applications pointed out by Dr.Web, while leaving an open door.
It is not sure that this is welcome for the alternative application store to the Play Store that the Chinese giant had to set up when it was deprived of Google services by the US administration. In any case, this is proof that even official stores can suffer from serious security problems.
Source : Bleeping Computer