A security firm said this week it found malware on Huawei’s official Android app store, the AppGallery.
Russian antivirus maker Dr.Web said it found ten apps from three developers that were infected with Joker, a type of Android malware that subscribes users to premium phone services in a tactic known as WAP fraud.
Researchers say the ten apps posed as legitimate applications, such as virtual keyboards, camera apps, app launchers, instant messengers, sticker collections, coloring programs, and games.
However, malicious code hidden in the apps operated behind the scenes to open a browser window and subscribe users to premium phone numbers, allowing the malware’s operators to earn commissions.
In addition, the malware also intercepted SMS messages and push notifications in order to prevent alerting the user to their presence on the device.
Huawei removed the apps from its store, but not devices
After receiving an alert from Doctor Web, Huawei hid the trojans in the AppGallery store to protect users. The company will conduct an additional investigation to minimize the risks of such apps appearing in the future.
But while the apps listings were hidden on Huawei’s app store, they are still present on user devices and are putting users at risk.
Huawei smartphone owners who want to remove the apps will need to go into their operating system’s Apps section and search for one of the ten app names below. In case they find any of the apps listed underneath, users are also advised to alert their ..