The Google Play store was targeted by a vicious malware software.
Malware is a software that scammers use to perform different types of fraud. This malware was named ExpensiveWall because it was found hidden in wallpaper apps. This scam affected more than 21 million Google Play users. It is to be the second-biggest attack on the Google Play store. The biggest attack was with Judy Malware in early 2017.
Check Point Software Technologies notified Google about ExpensiveWall in August of 2017. Checkpoint Software Technologies is a cyber security company in Israel. Android users were unaware of the malware in the apps they downloaded due to a method known as “packing.” Packing is a strategy used by hackers to hide malware through extensive encryption. This is how 50 apps were easily affected by the malware. Google Play users then downloaded those 50 apps over 4 million times.
ExpensiveWall scammed customers by charging them for fake services. In some cases this malware was able to steal customers’ personal cell phone data.
After Google found out about ExpensiveWall, it immediately removed the affected apps from the Google Play Store. But days later another version of the malware was detected in the Google Play Store. This version reached 5,000 individual devices before Google stepped in.
There were a lot of bad reviews for the affected apps left by Google Play customers. This did not stop the scammers behind ExpensiveWall from getting users to download the affected apps though. Even with the bad reviews, users still downloaded the affected apps. This means that people probably downloaded these apps through advertising on social media.
Unfortunately, the perpetraitors behind ExpensiveWall have not been tracked down. After the apps were taken down Google spokesperson, Aaron Stein praised Check Point for their help. Stein commented, “We’ve removed these apps from Play always appreciate the research community’s efforts to help keep the Android ecosystem safe.”