Popular Android apps have been found spreading Android.Cynos.7.opss malware, which can steal personal data and create fake ad clicks

**Summary:** Android.Cynos.7.opss is a new malware variant that disguises itself as a system application to avoid detection. The malware steals sensitive personal data and uses a victim’s device to create fake ad clicks. Cybersecurity firm Dr. Web said that the malware was found embedded in over 190 Android games and apps, which were downloaded more than 9 million times in total. Affected apps include simulators, arcades, strategies, shooters, and educational apps, among others. The malware has the ability to collect data including the device model, IMEI, MAC addresses, and a list of installed apps, and can also steal data from a device’s clipboard. It is recommended to triple-check the source and reviews of an app before installing it, and delete any apps that seem suspicious or exhibit unusual behavior.