The malware, dubbed CherryBlos by researchers from security firm Trend Micro, has been embedded into at least four Android apps available outside of Google Play, specifically on sites promoting money-making scams. One of the apps was available for close to a month on Google Play but didn’t contain the malicious CherryBlos payload. The researchers also discovered suspicious apps on Google Play that were created by the same developers, but they also didn’t contain the payload.
The researchers said that Google has removed all such apps that were available on Play. A list of those apps is available here.
You must log in or # to comment.