It’s hard to imagine life without our favorite apps; apps offer many benefits, from facilitating communication to managing finances and everything in between. Although apps make our lives easier, they’re also prime targets for malware, significantly threatening our privacy and security.

One example of malware that has been making headlines is Goldoson. The malware infected over 60 legitimate Google Play apps, which collectively have been downloaded over 100 million times.

What Is Goldoson Malware?

Goldoson is a malicious software, which, when added to apps, can collect data on installed apps, Bluetooth- and Wi-Fi-connected devices, and the user’s GPS locations.

Goldoson is the malware component of a third-party library that some apps use, which developers unknowingly added to their apps, according to Techzine.

Some infected apps include Compass 9: Smart Compass, Pikicast, GOM Player, Money Manager Expense & Budget, and L.POINT with L.PAY.

How Does Goldoson Malware Work?

When an infected app runs, the malware secretly registers the device and receives instructions from a remote server on what to do next. These instructions contain information about what Goldoson can collect from the device and the frequency at which it will do so.

The collected data is periodically sent to the remote server, where it may be exploited for malicious purposes. This data can include what other services are used on the Android device, which other devices are connected to the phone, and where that smartphone is.

Goldoson can also commit ad fraud by clicking on ads in the background without the user’s knowledge or consent.

How Can You Protect Yourself From Malicious Apps and Android Malware?

skull and bones logo on phone screen

Protecting your devices and personal data from malware is more critical than ever. Here are some recommendations to protect yourself from mobile malware.

Delete or Update Apps

Your smartphone’s operating system and installed apps are potential entry points for hackers to access your device. To remove malware from your device, uninstall infected apps, delete any apps no longer available on Google Play Store, and update your remaining apps.

Any time you delay updating your apps, you make your device more susceptible to attacks. Updating apps to their latest versions often improves app performance and fixes security vulnerabilities that malware can exploit.

It’s also important to update your operating system to protect against malware, but remember to back up your files beforehand. Android 11 and later versions have improved security features that help prevent malicious apps from collecting information on other installed apps.

Minimize the Number of Installed Apps

The more apps you install, the higher the chance of having both malicious and unused apps on your device. One of the most effective ways of preventing malware is taking preventive measures, like not downloading apps you don’t need.

Keeping an unused app on your device creates an opportunity for it to be exploited by hackers. In addition, unused apps, particularly if they run in the background, can consume storage space and memory (RAM), causing your device to slow down or malfunction.

Download Apps From a Trusted Source

Avoid downloading apps from unknown sources. Third-party app stores are more likely to host malware-infected apps as these often don’t have to meet the minimum standard for safety. That’s unlike apps on major app stores like Google Play, which are vetted by Google and are more likely to be safe (although it's not a guarantee).

If you decide to download third-party apps, do thorough research beforehand to avoid downloading malicious ones. We also recommend selecting apps from reputable developers and reviewing user ratings and reviews before installing anything.

Install Anti-Malware Software on All Devices

Installing and running reliable anti-malware for your device can help prevent malware infection. If you download and open a malicious app, anti-malware software can prevent infection.

For instance, paid mobile security solutions like Malwarebytes Premium can detect and remove malware before causing harm. While you can also use free anti-malware solutions, they’re not always reliable.

Enable Google Play Protect

Google Play Protect is a built-in malware protection program that’s always running in the background to keep your Android device, apps, and data safe.

Google Play Protect leverages Google’s machine learning algorithms and is enabled by default. It automatically scans the entire system, including installed apps for malware, removes malicious apps, and warns you of apps you haven’t used for a while so you can uninstall them. Despite these abilities, tests indicate Google Play Protect is largely ineffective as it tends to allow more malware to pass through its defenses. Still, it's better than nothing.

What Are the Common Signs of Adware and Malware Infection?

smartphone depicting Android malware

Malware can have many devastating effects on your device, including stealing your data and slowing it down. So how do you know if your phone has adware or malware? Here are a few signs and symptoms to look out for.

Battery Draining Quickly

Although aging batteries typically drain faster, a sudden and unexpected battery drain may be the result of malware infection. Malware can add additional tasks in the background that drain your battery’s power faster than expected.

Other reasons your phone’s battery could be draining quickly include keeping screen brightness at maximum, having mobile data on at all times, and using location-tracking apps.

Device Heating Up

It’s not uncommon for smartphones to heat up occasionally, but persistent overheating could be a sign of malware infection. An overheating smartphone could mean the device’s processor is being overworked. Malware often consumes CPU power quickly, causing your phone to heat up from the inside.

Unusually High Internet Data Usage

If your phone’s data usage is unusually high even when you’re not using it, it could be because of malware working in the background. Malicious software may use your internet data to perform ad fraud and transfer data from your phone to their server.

The Battle Against Malware Never Ends

The discovery of Goldoson malware in popular Google Play apps highlights the increasing ingenuity of attackers in their efforts to infect legitimate apps. The malware can collect lists of installed apps, Bluetooth- and Wi-Fi-connected devices, and GPS locations.

To protect yourself from malware, it’s crucial you stay informed about the latest threats and how it works, then take proactive measures to protect their devices. Some ways to protect yourself from mobile malware include downloading apps from a trusted source, updating apps, and using anti-malware software.