Autolycos is a mobile threat designed to infect Android devices. It was spread via multiple applications that were available and could be downloaded from the official Google Play Store. Google has taken measures, and most of the weaponized applications have since been removed.

Still, users who have already downloaded one of the corrupted apps should proceed to uninstall them manually from their devices. Some of the applications identified to carry the Autolycos threat are the Vlog Star Video Editor, the Gif Emoji Keyboard, the Freeglow Camer 1.0.0, the Coco Camera v1.1, the Wow Beauty Camera, the Creative 3D Launcher and more. As a whole, the compromised applications were able to amass around 3 million downloads, with the Vlog Star Video Editor and the Creative 3D Launcher being responsible for a third of the downloads.

Once established on the user's Android device, Autolycos would proceed to generate profits for the attackers by subscribing the unsuspecting victims to its premium services. The threat is capable of opening URLs on a remote browser. After that, it will include the result as a part of an HTTP request, instead of using Webview. Many of the Autolycos applications also request permission to read SMS when installed. If the request is granted, the threat will be able to access and read any SMS content.


Most Viewed