The research team of security firm Check Point reportedly discovered the malware last month. They issued a statement containing the findings related to ExpensiveWall malware.
The team's results say, ExpensiveWall malware has infected at least 50 applications on Google Play that have been downloaded between 1 to 4.2 million times. The 50 apps are also reportedly removed from the app store.
Malware ExpensiveWallpaper is hidden in wallpaper apps, so the malware can escape the anti-malware protection available in the Google Play Store.
Such methods are often used by malware developers to encrypt malicious code into the application without fear of being detected by anti-malware protection.
Although Google has removed the malware-infected applications on August 7, 2017, users who have installed the app on their device are still potentially infected with malware.
Therefore, those who download infected applications are advised to immediately remove the application in question.
Because ExpensiveWall is hidden in the Android app, the malware will ask permission to the user to access the SMS and connect to the internet. If permission is granted, the malware will start sending premium SMS and registering users to other paid services unnoticed by the user.
Although the permissions requested are quite common in different types of applications, it is not the reason the wallpaper app asks for SMS permission or is connected to the internet. Unfortunately, many Android users simply give permission because it considers the permission is quite common.
To avoid other malware hidden in the app, users should always consider the type of application you want to download. Be sure to always download a trusted app, not from any developer.
