This popular app is infected: Chrome-lookalike Magic Browser

Chris Burns - Jun 26, 2017
1
This popular app is infected: Chrome-lookalike Magic Browser

Users that’ve downloaded the app “Magic Browser” at any point in the past should delete the app immediately. This app has been found to contain malware of a simple sort – but terrible nonetheless. This app’s malware is especially dangerous not because of what it can do to an average user’s phone, but because of how crafty it is in making it’s way into the phone – trickery!

This app looks a lot like Google Chrome – so similar that the average user might think that one is the other. Once the app is downloaded and loaded to a smartphone, it’ll begin work on the bill of the user. The user will find their monthly cell phone service bill to be affected in one of two ways.

1. Bill Skyrockets
2. Subtle Charges, adding up over time

The folks at Kaspersky Lab are also speaking up about this app this week and have investigated its innards. They suggest that “It not only uses around a dozen methods to send SMS, but also innitialises these methods in an unusual way: by processing web-page loading errors using a command from the CnC; and it can open advertising urls.” Text message charges will rise, as will charges for web data use.

UPDATE: Another app made by what appears to be the same app-making crew, Ztorg, was also found this week. This other app goes by the name “Noise Detector” and might be on hundreds of smartphones and/or tablets right this minute. Both apps have been formally removed from the Google Play app store.

Users that find this app should delete the app immediately and may want to reset their smartphone to make certain no remnant code from the app remains after it is gone. Those suspicious of friends or family having downloaded this app should alert them immediately. Have a peek at the timeline of malware below to make sure nothing is taking advantage of your computer while you sleep!


Must Read Bits & Bytes