Android fans are being warned about the re-emergence of a malware that’s infected millions of devices and a Google Play Store threat. Android is one of the most used pieces of software in the world with over two billion people using it each and every month. The Google mobile OS has been subject to some high profile security threats, including the Judy malware which was spread via the Google Play Store. And now Android fans are once again being warned about security risks associated with the OS.
The annual Android security report revealed that the Chamois malware has come back with a vengeance.
The malware family was first discovered by Google’s security team in 2017 on apps hosted on the official Play Store.
The bad actors behind this threat were kicked out while security was beefed up to ensure Google detected Chamois before apps reached the Play Store.
But Google have said the malware came back with a vengeance in 2018 outside of the Google Play Store.
READ MORE: Android WARNING – Dozens of Google Play Store apps infect MILLIONS of phones with malware
Last year Chamois hit a staggering 199million installs via sideloaded apps and being advertised as a software development kit.
Google said: “Chamois uses a variety of distribution mechanisms including being pre-installed, added as an advertising SDK [software development kit], and injected into popular sideloaded applications”.
The report described Chamois as a “well-engineered, sophisticated piece of malware.”
It added: “Google Play Protect classifies Chamois as a backdoor due to the remote command-and-control capabilities it has.
“The payloads for Chamois range from a variety of ad fraud payloads to SMS fraud to dynamic code loading.”
Google said revised detection and remediation techniques saw a “sharp decline” in installs of Chamois.
While the search engine giant also said they’ve launched a new Play Protect developer site.
Elsewhere Google also revealed that the malware installed from the Google Play Store grew in 2018 by a staggering 100 per cent.
However, Google said this was because for the first time “potentially harmful” (PHA) apps now includes click-fraud apps.
The search engine giant said click-fraud apps accounted for over half (55 per cent) of all PHAs that were installed via the Google Play Store.
Google said: “Distributing click-fraud code in this way is easily scalable and makes it easy for click-fraud SDK developers to be present in the apps of hundreds or even thousands of developers”.
• Stay tuned to Express.co.uk for more Android news