A French security researcher has now found two more malware-filled apps on Google Play Store that steals user data and can subscribe to premium services without. Unlike the joker malware which has a web view, the new Auto Lycos malware found on the "Funny Camera" and "Razer Keyboard & Theme" app use HTTP request techniques.

According to the screenshot shared by the security researcher Maxime, the Funny Camera app has over 500k installs while the Razer Keyboard & Theme app has over 50k installs.

According to the researcher, these apps use "JSON on the C2 address: 68.183.219.190/pER/y" and execute the URLs in a remote browser and return the results to include within the request. As there is no web view, most users won't notice this, making it a discreet malware that a normal user won't be able to recognize.

The fraudsters are said to be running ads on various Facebook and Instagram pages to promote these apps. The researcher has spotted as many as 74 ad campaigns by Razer Keyboard & Theme malware app. Google has now removed both apps from the Play Store and they are no longer available for download.

These apps will lure in customers from social media and will steal money by subscribing to various services. Unlike the Joker malware, which has a web view, the Auto Lycos does not have any web view, hence, it is very hard to detect, making it easy to affect the infected devices and most users won't be able to realize the same.

What Should You Do?

If you have downloaded either of these apps, then make sure to uninstall them as soon as possible. These are proved to include malware that will make you subscribe to premium services and can easily steal your money. Hence, always be careful while installing an app from a new developer and only install apps from Google Play Store, and do not sideload APKs.

Update the apps and games downloaded on your device frequently. While Google has enhanced security on the Play Store, there are still a few apps like the Funny Camera that can still bypass Google's security.

