Tech

'Squid Game' malware has already arrived on Android phones

The malicious wallpaper app was downloaded more than 5,000 times before Google removed it.

Waiters dressed in outfits from the Netflix series Squid Game pose while playing a game to attract c...
ADEK BERRY/AFP/Getty Images

Squid Game is Netflix’s biggest original hit ever, with more than two-thirds of all subscribers reportedly watching the show since its release about a month ago. That success means millions of people are now invested in the Squid Game cinematic universe, eager for more content in any possible form.

A malicious person (or group of people) took advantage of that intense interest by creating a Squid Game-themed Android app full of malware. The app marketed itself as a wallpaper app full of Squid Game illustrations — but it ended up being no more than a front for malware injection, Forbes reports.

The app’s hidden intent was discovered by a Twitter user named @ReBensk and then investigated by ESET malware researcher Lukas Stefanko. Stefanko tweeted yesterday that running the app on an Android device might result in malicious ad fraud (wherein ad revenue is inflated using fake impressions numbers) or unwanted SMS subscriptions.

After being alerted to the app’s existence, Google wiped it from the Play Store. But more than 5,000 people had already downloaded it by that point, allowing the well-known Joker malware onto their devices.

We live in a society — The Joker family of malware has been attacking Android phones for years now. Researchers from security firms are consistently finding new versions of it in Android apps that seem plenty legitimate from the user’s perspective. Those apps are sometimes downloaded hundreds of thousands of times before the Joker is discovered lurking beneath the surface.

The Joker family of malware is particularly sneaky, often waiting hours or days after an app is installed to run on the device. This undercover operation allows the Joker to slip through Google’s malware-detection systems without sending up any red flags.

A Joker strain can wreak extensive damage once it’s been deployed. Sometimes this harm comes in the form of signing users up for services without their consent; sometimes the malware steals your contact list or SMS messages.

There could be more — This Squid Game wallpaper app took advantage of the show’s popularity to spread its malware. Stefanko notes that, as of yesterday, there were more than 200 other Squid Game apps on the Play Store, none of which are official. Stefanko has checked a few and found them to be pretty safe — but that’s not to say all of them are. These unofficial apps are racking up plenty of downloads; one game even topped a million installs in just 10 days.

Google has pretty robust malware checks in place for the Play Store, but malware creators are wily, adapting their code to maneuver around Google’s detection systems. Malware is an unfortunate reality for Android users, and apps distributing it sometimes end up infecting thousands of phones before they’re discovered.

Google will never be able to guarantee the Play Store is 100 percent safe. Stefanko’s advice: Downloading an app from an unknown publisher is always a risk, and it’s always best to read the reviews before you do so.