Sixty-three legitimate apps in the Google Play Store with more than 100 million downloads have been compromised with the novel Goldoson Android malware, which could compromise data on apps, Wi-Fi and Bluetooth-connected devices, and GPS location, The Hacker News reports.
Aside from having ad fraud functionality, Goldoson could also facilitate stealthy web page loading through the execution of HTML code in an obscured WebView, a report from McAfee revealed.
Google has already removed 36 of the compromised apps, while the remaining apps have been updated to eliminate Goldoson. The report should prompt increased transparency into software dependencies leveraged in mobile apps.
"Attackers are becoming more sophisticated in their attempts to infect otherwise legitimate applications across platforms. The use of third-party SDKs and code, and their potential to introduce malicious code into otherwise legitimate applications, is only continuing to grow as attackers start to target the software supply chain to gain the largest footprint possible," said Zimperium Vice President of Sales Engineering for the Americas Kern Smith.