Malware found in wallpaper apps infects 21 million Android devices via Google Play

The second largest outbreak to hit the Google Play Store that we know of is called ExpensiveWall, a new malware discovered in wallpaper apps, which is said to be responsible for the infection of 21.1 million Android devices.

Check Point's researchers discovered the malware early last month and issued a statement that contains all their findings related to ExpensiveWall.

Unfortunately, the malware infected at least 50 apps on Google Play, which were downloaded between 1 million and 4.2 million times before they were removed.

The ExpensiveWall malware was “packed” inside wallpaper apps, which allowed it to escape Google Play's built-in anti-malware protections. The “packed” method is frequently used by malware developers to encrypt malicious code.

Even though Google removed these infected apps after August 7, those who installed them before they were removed are still at risk, so they should manually remove them from their Android devices.

Since ExpensiveWall is “packed” inside an Android app, it will ask the user for several common permissions, such as SMS and internet access. If granted, the malware will start sending premium SMS messages and register users for other paid services that don't exist without the user's knowledge.

Although these permissions are pretty common for certain types of apps, there's absolutely no reason for a wallpaper app to request SMS permission or even internet access for that matter. Unfortunately, many Android users grant these permissions without thinking, which is probably one of the reasons it propagated so fast in the first place.

Well, there's really no way to stay protected as long as you don't pay attention to what permissions an app requests before being installed. ExpensiveWall is a very tricky malware that's hardly detectable by standard (read free) security solutions available in the Google Play Store.

What's even worse is that malware developers find new ways to pass Google Play Store's security protections more often than ever before. The bottom line is you can never be certain if your Android device is infected or not, so the best way to stay safe is to install high-profile apps and avoid the questionable ones.

source: Check Point



1. frydaexiii

Posts: 1476; Member since: Dec 01, 2011

Really, why do people even use wallaper apps? Like I get Live Wallpapers, but those that provide static Wallpapers? Just learn to Google.

3. tangbunna

Posts: 484; Member since: Sep 29, 2016

exclude you and me

5. sgodsell

Posts: 7448; Member since: Mar 16, 2013

A wallpaper app that looks for SMS and internet permissions. Right there that is a red flag.

29. ibend2

Posts: 159; Member since: Mar 16, 2016

And why in hell those people download a wallpaper app with tons of 1star reviews, can't they find better apps? A quick search on google with keyword "best wallpaper app" should bring give them much better apps, like backdrops, muzei, tapet, google, wonderwall, and much more

41. mikehunta727 unregistered

Thought Android users were so much smarter than iOS users, more technological savvy? Seems like these people are as dumb as the iSheeps. Sad day

42. mikehunta727 unregistered

B4 anyone bashes me, I'm using ibend logic here

38. andynaija

Posts: 1262; Member since: Sep 08, 2012

SMS is a red flag, but internet makes sense for SOME wallpaper apps.

40. mikehunta727 unregistered

Unfortunately many apps on Android have excessive permissions. At least many don't break when turning off certain permissions in apps

26. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

I do use Google Wallpaper app to provide daily new wallpaper. ExpensiveWall, not like they didn't warm you. This also proves that there much work for Google protects, still not quite there yet.

37. Deadeye37

Posts: 305; Member since: Jan 25, 2011

Wonderwall is my go-to wallpaper app. I like having nice wallpapers cycle frequently on my phone. Beats googleing wallpapers every day

39. EclipseGSX

Posts: 1777; Member since: Oct 18, 2011

Sure does, I love that app too however mine hasn't had any updated wallpapers for a few days :(

2. mynameisPZee

Posts: 31; Member since: Jan 05, 2015

Wish the comment section of posts like these are switched off cos of the amount of trolling, name calling and baiting that goes round. Hey, as an aside, haven't seen Techie around here in a bit?

4. kiko007

Posts: 7505; Member since: Feb 17, 2016

He got banned about a week ago. Surprised he hasn't popped back up by now, but I gotta admit, this place is a lot more lax without his thesis length comments hogging entire pages in the forum.

10. Scott93274

Posts: 6040; Member since: Aug 06, 2013

Damn, that guy annoyed everyone.

12. kiko007

Posts: 7505; Member since: Feb 17, 2016

He had a few... issues. I think he told someone they should be run over for questioning Samsung once. Makes me wonder what he possibly could've done to get the ban hammer if open death threats didn't do the trick.

16. Scott93274

Posts: 6040; Member since: Aug 06, 2013

I've been guilty of being a total asshat at times, I wonder how I'm still here. :P

18. kiko007

Posts: 7505; Member since: Feb 17, 2016

You and me both. But he took asshat, turned it into rectal-sombrero, and still managed to stick around a good while. By comparison, we are like two Catholic kids giving the good word to homeless people; still f**ked up, not really helpful, but at least we're still around, right?!

20. Scott93274

Posts: 6040; Member since: Aug 06, 2013

Aw man, I'm going to be so sad if you ever get banned. lol, rectal-sombrero... lol.

21. kiko007

Posts: 7505; Member since: Feb 17, 2016

I wanted to go with "fecal-fedora", but that would've likely resulted in said ban.

25. RebelwithoutaClue unregistered

I wonder that too since I reported you several times. I hate teddy bears

31. Scott93274

Posts: 6040; Member since: Aug 06, 2013

Who are you again?

32. RebelwithoutaClue unregistered

Haha no one important (and I was jk of course)

33. Scott93274

Posts: 6040; Member since: Aug 06, 2013

lol, I've seen you posting all the time.... I just don't ever remember ever trash talking you at all so I was a bit taken aback. lol

34. RebelwithoutaClue unregistered

haha we never trash talked. Just a misplaced joke :)

7. KingSam

Posts: 1472; Member since: Mar 13, 2016

Eh I always look at ratings 4.0 and up and maybe a 3.8. I look at screenshots and stuff. The quality APS usually put effort in their presentation.

8. MattPerkins1

Posts: 94; Member since: Mar 25, 2017

You know I can understand experts recommending Windows over macOS and Linux but anyone recommending Android over iOS needs their head examined. I say this because Windows you can look past the malware because Windows has a simpler user interface than macOS and Linux but iOS has a simpler user interface than Android. Windows PCs are also more upgradeable than Macs thus the reason why it's preferred by gamers and businesses but neither iOS or Android can be upgraded without getting a new device thus ruining that advantage. Also the top Windows computers kill Macs on benchmarks but the iPhone kills Android phones on benchmarks. So in reality there no reason to look past Android's malware and security issues. Besides most professionals like doctors and most governments prefer iOS because it's harder to hack and is easier to use. But I also know why experts always seem to rate the top Android phones over the iPhone it's because there are far more Android users and if you state the facts to Android users who try to justify owning a $250 smartphone over a $500 and up smartphone chances are they will stop going to that site and looking for sites that tell them what they wanna hear thus cutting into the other site's ad revenue. Personally I would rather lose users than hide the truth.

9. kiko007

Posts: 7505; Member since: Feb 17, 2016

Bruh, line breaks... use 'em.

11. PhoneInQuestion

Posts: 496; Member since: Aug 20, 2017

Tell your friend Techie he needs a new hobby.

24. RebelwithoutaClue unregistered

Do you search the web for articles like this and copy paste 1 comment? Get a life dude. We get it, you hate Android

19. E34V8

Posts: 109; Member since: Dec 16, 2011

Yeah, sure. The mysterious malware in Android that I read about in these news sites, and yet in 7 years with the OS, no malware apps were installed on my phones. Guess I'm very lucky. Does someone pay you to write this BS?

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.