Researchers have uncovered trojan virus in more than 100 Android apps downloadable from the official Google Play Store. The research team at Russian security firm Doctor Web first added the trojan, which they called Android.Spy.277.origin, to its virus database on April 1st, 2016. The malware experts found the trojan in 104 Android applications available for download on the Google Play Store. Those apps claim to offer photo editing services, animated wallpaper themes, and other programs. It has been downloaded over 3.2 million times already onto victims' devices.
Once downloaded, the apps don't work as they're supposed to. Instead, Android.Spy.277 collects a huge amount of data on the smartphone's owner, including but not limited to: the phone's IMEI code, the user's geographic location, the user's Gmail address, the phone number registered to the smartphone and the user's Google Cloud Messaging ID.
Every time the user tries to open one of the clone apps, the malware sends the information gathered to the hackers' command and control (C&C) server, which will then give the app instructions, such as: show the user pop-up ads that appear on the notification bar, or place shortcuts to links onto the user's smartphone home screen. When clicked, these open links to malicious websites on either the smartphone web browser, the Facebook app or even the Google Play Store app itself.
Doctor Web has notified Google, whose teams have begun to remove some of the malicious apps from the Play Store.
While Google sorts out that problem, Android users are urged to install an anti-virus solution on their devices and to install apps only from trusted app developers.
MORE FROM APP NEWS ▼
RELATED TAGS YOU MAY LIKE |
Android News,
App News
REVIEWS | COMMENTS