android malware

New Android Trojan boosts malicious apps in Play Store

 

An Android malware dubbed ‘Trojan-Dropper.AndroidOS.Shopper.a’ found infected in large share of android devices in Russia,Brazil and Asia. According to the Kaspersky Lab researcher ‘Igor Golovin’, this malware has ability to disable the Google Play Protect service, generate fake reviews, install malicious apps, show ads, and more.

First, the Trojan deploys phishing attacks to hijack permissions to access the services.Then bypass the Android Accessibility Service, a well known strategy used by Android malware to perform a wide range of malicious activities without needing user interaction.

When all these done ,malware is able to downloads and decrypts the payload, then goes straight to collecting device info such as country, network type, vendor, smartphone model, email address, IMEI, and IMSI. These harvested information send to the remote servers which will send back a series of commands to be run on the infected android device.

By executing those commands in an infected android device, attacker is be able to open links in an invisible window,disable Google Play Protect,create shortcuts to advertised sites in the apps menu and download apps from the third-party “market” Apkpure[.]com and install them.In addition to that infected devices are used to boost other malicious apps ratings on the Play Store, post fake reviews on any apps’ entries and register users through their Google or Facebook accounts in several apps.

According to the Android Security & Privacy 2018 Year In Review report published in March 2019, Google Play Protect scans over 50 billion apps every day across more than two billion devices.But this malware indicates that those efforts may not enough on behalf of modern cyber threats.


11 thoughts on “New Android Trojan boosts malicious apps in Play Store”
  1. Hiya, I am really glad I’ve found this information. Nowadays bloggers publish only about gossip and net stuff and this is actually annoying. A good blog with exciting content, that’s what I need. Thank you for making this website, and I will be visiting again. Do you do newsletters by email?

  2. you’re actually a excellent webmaster. The website loading velocity is amazing. It kind of feels that you’re doing any unique trick. Moreover, The contents are masterpiece. you’ve performed a great activity in this topic!

  3. Do you mind if I quote a couple of your posts as long as I provide credit and sources back to your blog?

    My blog site is in the exact same area of interest as yours and my visitors would definitely benefit
    from a lot of the information you present here. Please let me know if this alright with you.
    Cheers!

  4. My brother suggested I may like this website. He was once entirely right.
    This submit actually made my day. You can not believe just how so
    much time I had spent for this information! Thanks!

    Feel free to surf to my web blog: BobbieKBalfe

  5. If some one needs to be updated with most recent technologies afterward he must be pay a visit this website
    and be up to date all the time.

Leave a Reply

Your email address will not be published. Required fields are marked *