Beware of ExpensiveWall Malware!

Cyber Security firm Check Point has warned all Android users to stay away from an app called ‘ExpensiveWall’. The said app is actually a malware which sends out premium text messages and opts for fake services which are chargeable by mobile service providers.

As per the details available from the researchers of CheckPoint, ExpensiveWall is being propagated by hackers in the disguise of Wallpaper app. This malware was identified by the security experts last week and Google was sent an alert on this note.

Reacting to the tip-off, Google immediately pulled down the app which has been so far downloaded by up to 21.1 million users. Google admitted that this was one of the biggest ever Android malware in circulation and was found disguised as 50 free wallpapers, camera apps, and video editing apps.

As per the details available to our Cybersecurity Insiders, ExpensiveWall is a malicious code variant of another notorious malware discovered by McAfee in January 2017. The malware was more linked to cameras and photo apps then and is now being circulated as wallpaper.

Security experts Elena Root and Andrew Polkovnichenko of Check Point said that the app has the ability to go undetected by the world’s sophisticated anti-malware software. This includes the latest Google Protect as well which is being offered in Android’s latest OS named Oreo.

Ms. Root added that the malware is capable of operating silently, as all of this illicit activity takes place without the victim’s knowledge, making it ideal spying tool.

In early August this year, Check Point alerted Google on this issue. The internet juggernaut immediately reacted and removed the malware-driven apps from its Play store. But within days the malware emerged as ExpensiveWall and was discovered suspicious in early September.

Google issued a public statement yesterday saying that the app has been removed from its play store and appreciated the effort put forward by the research community which helps keep the android ecosystem safe.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display