Autolycos installed 3 million times from Google Play Store
Over 3,000,000 people downloaded a new Android malware family from the Google Play Store that discreetly subscribes users to premium services.
Maxime Ingrao, an Evina security researcher, found the malware, known as “Autolycos,” in at least eight Android applications, of which two are still downloadable from the Google Play Store as of this writing.
The two apps still available are named ‘Funny Camera’ by KellyTech, which has over 500,000 installations, and ‘Razer Keyboard & Theme’ by rxcheldiolola, which counts over 50,000 installs on the Play Store.
The remaining six applications have been removed from the Google Play Store, but those who still have them installed risk being charged with costly subscriptions by the malware’s activities.
- Vlog Star Video Editor (com.vlog.star.video.editor) – 1 million downloads
- Creative 3D Launcher (app.launcher.creative3d) – 1 million downloads
- Wow Beauty Camera (com.wowbeauty.camera) – 100,000 downloads
- Gif Emoji Keyboard (com.gif.emoji.keyboard) – 100,000 downloads
- Freeglow Camera 1.0.0 (com.glow.camera.open) – 5,000 downloads
- Coco Camera v1.1 (com.toomore.cool.camera) –1,000 downloads
During a discussion with Ingrao, the researcher told Droid Tools that he discovered the apps in June 2021 and reported his findings to Google at the time.
Although Google acknowledged receiving the report, it took the company six months to remove the set of six, while two malicious apps remain on the Play Store to this day.
After so much time had passed since the initial reporting, the researcher disclosed his findings publicly.
In place of using Webview, Autolycos uses stealthy malicious behavior to execute URLs on remote browsers and then include the results in HTTP requests.
This behavior is intended to hide its actions from users of infected devices so that they won’t be noticed.
When malicious apps were installed on a smartphone, they frequently asked for authorization to view SMS content, which gave them access to a victim’s SMS text messages.
The Autolycos owners launched various social media advertising campaigns to draw in new users to the apps. Ingrao discovered 74 Facebook ad campaigns for the Razer Keyboard & Theme alone.
Additionally, while some fraudulent apps on the Play Store received unavoidably bad reviews, some with less downloads continue to have positive user ratings thanks to fake reviews.
Android users should have Play Protect activated, monitor background internet data and battery usage, and attempt to install the fewest number of apps possible on their handsets in order to protect themselves against these attacks.
Samsung Galaxy Watch 8
Google Pixel Watch 4
Google Pixel 9
Comments & Discussions
Join the conversation! We use Disqus to handle comments. Click the button below to load the comment section.
Keep Reading
New software launches rarely go off without a hitch, and Android 17 is proving no different. Shortly after the update rolled out, Pixel owners began reporting connectivity problems — specifically, losing access to 5G entirely after installing the update. Reports surfaced on the Google Pixel subreddit, with multiple users across different device generations describing the […]
Huawei’s next Kirin 5G chipsets for the Mate 90 series are expected to deliver a meaningful performance step up over the 2025 versions, driven by a shift away from Moore’s Law toward Tau’s Scaling Law. According to a new leak, HarmonyOS 7 is being developed with this architectural shift in mind. Weibo leaker @FixedFocus reports […]
The Honor X70 Pro Max has arrived without any formal launch event, slipping onto the market with a focus on durability, battery endurance, and a capable Qualcomm chipset. The phone comes in four color options: Phantom Purple, Sunburst Gold, Bamboo Rhythm Green, and Phantom Night Black. It measures 161.9 x 76.1 x 7.76mm and weighs […]
If Samsung Messages is still the default texting app on a Galaxy phone, July is going to require some attention. The app is being deactivated for US users, and texts, RCS conversations, and message history stored inside it won’t move anywhere on their own. Everything is transitioning to Google Messages – and while the migration […]
Honor has confirmed that its entire Magic series lineup will receive up to 7 years of Android updates in the EU and UK, marking a firm commitment to long-term software support, ongoing security patches, and sustained value for device owners. The announcement came during the launch of the Honor Magic V6 foldable in Malaysia. Honor […]
Being a Pixel owner outside the United States has always come with a catch: a long list of AI features that simply aren’t available in your region. Google has gradually extended some of these to international markets, but the majority remain US-only. That gap may be getting a little smaller, as the company appears to […]
