Huawei: Trojan infects nine million users of its AppGallery

Security researchers at Dr.Web have detected a Trojan horse called Android.Cynos.7.origin in more than 190 video game applications listed on Huawei AppGallery, the Chinese giant’s online store.
Among them, games of simulation, arcade, strategy, shooting, etc. In total, these infected applications have totaled more than 9.3 million downloads, or as many victims.

Once installed, this malicious code siphons off a lot of information, such as phone number, geolocation data, mobile network parameters, technical specifications of the terminal and video game usage data. The malware then displays advertisements.

Also to discover in video:

We are actively working with affected developers to resolve this issue. As soon as we determine that these apps are completely safe, they will be listed again on the AppGallery so that users can download their favorite apps, but other hassles are possible as well. The Cynos platform, indeed, is well known to security researchers. Its modular architecture makes it easy to add malicious functionality. Certain copies detected in the past could thus send Premium SMS, intercept SMS, or even install other applications.

Huawei has since removed the 190 apps pointed out by Dr.Web, while leaving a door open.

“We are actively working with affected developers to resolve this issue. As soon as we determine that these apps are completely safe, they will be listed again on the AppGallery so that users can download their favorite apps ”Huawei explained to us in a press release.

It is not sure that this advertisement is welcome for the alternative application store to the Play Store that the Chinese giant had to set up when it was deprived of Google services by the US administration. In any case, this is proof that even official stores can suffer from serious security problems.

Source : Bleeping Computer

Leave a Comment