Security researchers caught a piece of malware hidden in an Android wallpaper app for the Netflix series Squid Game.
The app named ‘Squid Game Wallpaper 4k HD’ was available to download from Google Play, and according to Forbes, at least 5,000 users did so.
Security researcher Re-ind posted on Twitter, claiming that the malware masquerading as a Squid Game wallpaper app is a well-known Android trojan known as Joker.
ESET’s malware researcher Lukas Stefanko took note of the Twitter post and added that the ‘Squid Game Wallpaper 4k HD’ app downloads and executes native library, which in turn downloads and executes apk payload.
“Running this app on a device might result in malicious ad-fraud and/or unwanted SMS subscription actions,” Stefanko wrote in a Twitter post.
There are hundreds of Squid Game apps available on Google Play. Since the South Korean show creators did not put out an official game, developers are using the opportunity to cash in on the opportunity.
Some, however, try to add malware to abuse the recent interest in the record-breaking Netflix series.
Even though all apps go through Google’s app-vetting process, threat actors find a new way to bypass the system. To avoid getting duped into downloading malicious software, it’s best to avoid unofficial apps, even though they appear on trusted app stores.
Conclusion
Threat actors are always….always looking for loopholes. Be careful of what you download, and the platform you download it from. Remember that anybody can be a victim but treading cautiously is the only medicine in avoiding the unavoidable.
