Android phone with apps

Cybersecurity experts discovered a new type of malware that infiltrated legitimate apps on the Google Play Store and ONE store, and it collects data on installed apps, a history of Wi-Fi and Bluetooth-connected devices and a user’s GPS locations.

Reported by McAfee’s Mobile Research Team, the Goldoson malware made its way onto 63 applications with over 100 million downloads overall on Google Play. The malicious software library can also load pages right under the user’s nose, which can be used to click advertisements in the background for threat actors to make a profit – the main benefit of adware.

The Goldoson software library registers the device once an infected app in launched, and gets remote configurations when the app is running from a remote server, with its domain being unclear. The Android malware sends collected data every two days, including sensitive information such as location history, MAC address of Bluetooth and Wi-Fi nearby and more.

The report confirms that devices running Android 11 and above are better protected from the info-stealing malware, as the OS is more aware of suspicious apps gathering data on installed apps. Still, researchers claim 10% of apps with Goldonson can still get access to app data even with that latest version of Android.

McAfee reached out to Google about the infected apps. The tech giant alerted developers of the malware occupying their apps, stating that fixes are needed otherwise apps will be removed from Google Play. Many developers have updated their apps to remove the Goldonson malware, but some apps have been removed.

Here’s a list of the most popular apps and their status.

Name of appGoogle Play downloadsStatus
L.POINT with L.PAY10 million+Updated
Swipe Brick Breaker10 million+Removed
Money Manager Expense & Budget 10 million+Updated
GOM Player 5 million+Updated
LIVE Score, Real-Time Score 5 million+Updated
Pikicast 5 million+Removed
Compass 9: Smart Compass1 million+Removed
GOM Audio – Music, Sync lyrics 1 million+Updated
Bounce Brick Breaker 1 million+Removed
Infinite Slice1 million+Removed

How to remove Goldonson malware on Android

With the amount of downloads these apps have, users with these apps should either update the apps on their Android device in order to remove the malware, or delete the app if it has been removed on the Google Play Store.

The ONE store, a third-party Android app store in South Korea, also has apps infected by the malware. Apps from third-party app stores are at risk of not being updated or removed. If you download apps from these platforms, you should remove them.

Here’s a way to get rid of dangerous apps on your Android device safely. For more ways, check out our guide on how to remove malware on Android.

Safely remove an app on Android

  • On your Android, press the necessary buttons to turn off your device.
  • Tap and hold the Power off icon.
  • Press OK to reboot to safe mode. This will restart your device.
How to remove malware on Android
  • Once restarted, head to Settings.
  • Navigate to Apps.
  • Select any suspicious apps you wish to remove.
  • Tap Uninstall. Restart your device to go back to normal mode.
How to remove malware on Android

Clear cache on Android

Clearing your browser and app cache on your Android device will help minimize the effects of malware. Apps and browsers store your online activities, and malicious software like adware can use this to cause more harm. Clearing cache can also help clear up space on your Android, boosting the device’s performance.

  • To clear app cache, head to Settings on your Android.
  • Select Storage and choose Apps.
  • Select an app.
  • Tap Clear cache.
How to remove adware on Android 2

Many Android owners use Google Chrome as their default browser. Here’s how to clear cache in Chrome on Android.

  • On your Android, open Chrome.
  • Tap the three vertical dots in the upper-right corner.
  • Select Settings.
  • Tap Privacy and security.
  • Select Clear browsing data.
  • To just clear cache, uncheck Browsing history and Cookies and site data.
  • Tap Clear data.
How to remove adware on Android 3

Use antivirus software to protect your device

Simply put, the best way to get rid of malware is to use the best antivirus software.

There are many free malware removal apps that will dispatch malicious software on your device, but it’s a good idea to make sure these tools are trustworthy, as hackers can also disguise these apps on the Google Play Store to deploy even more malware.

The best antivirus apps come with a suite of security features that can get rid of virus, malware, ransomware, spyware or any malicious software that burrows into your Android. Some antivirus software, such as Bitdefender, offers security subscriptions specifically for Android, making it a more cost-effective option for those that only need Android protection.

We also recommend free apps from known cybersecurity companies, including Avast One, AVG and Malwarebytes Mobile Security. These will detect and remove malware on your Android. Check out our thoughts on each antivirus below.

Darragh Murphy
Darragh Murphy is fascinated by all things bizarre, which usually leads to assorted coverage varying from the mischievous world of online security to washing machines designed for earbuds. Whether it's connecting Scar from The Lion King to two-factor authentication or turning his love for laptops into a fabricated rap battle from 8 Mile, he believes there’s always a quirky spin to be made. When he's not checking out the latest devices and all things tech, he can be found swimming laps, watching terrible shark movies, and trying to find time to game.  Previous Editor at Laptop Mag and News Editor at Time Out Dubai, specialising in food culture, nightlife events, gaming, tech and entertainment.


Please enter your comment!
Please enter your name here