My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


Doctor Web’s overview of malware detected on mobile devices in July 2016

July 29, 2016

In the past month, Doctor Web specialists found a new Trojan on Google Play that displays advertisements and steals private information. They also discovered a spyware Trojan incorporated into a modified version of the popular game—Pokémon Go.


  • A large number of applications containing an adware Trojan were discovered on Google Play.
  • A new spyware Trojan incorporated into a modified version of the game Pokémon Go.

Mobile threat of the month

In July, our specialists discovered yet another Trojan on Google Play—Android.Spy.305.origin. This Trojan is designed to display advertisements and steal confidential information. Android.Spy.305.origin is an advertising platform that can display ads on top of running applications and operating system interfaces. It can also display ads in the status bar. Doctor Web security researchers detected more than 150 applications containing this Trojan. These applications have been downloaded over 2.8 million times.

screen Android.Spy.305.origin #drweb screen Android.Spy.305.origin #drweb screen Android.Spy.305.origin #drweb

For more information about this incident, refer to this news article published by Doctor Web.

According to statistics collected by Dr.Web for Android

According to statistics collected by Dr.Web for Android #drweb

According to statistics collected by Dr.Web for Android #drweb

An unwanted program module that is incorporated into Android applications and is responsible for displaying annoying ads on mobile devices.


The Pokémon Go game, which was released in July, became very popular with millions of users worldwide, a fact that did not go unnoticed by cybercriminals. In mid-July, Doctor Web specialists detected that a modified version of this game contained Android.Spy.178.origin, a spyware Trojan first spotted by Doctor Web in April 2015. Android.Spy.178.origin steals private information—for example, information about phone calls, SMS messages, contacts, GPS coordinates, and browser history and bookmarks.

screen Android.Spy.178.origin #drweb screen Android.Spy.178.origin #drweb screen Android.Spy.178.origin #drweb

Attackers are still trying to compromise Android devices by publishing malicious applications on Google Play and turning benign programs into dangerous ones. Therefore, Doctor Web strongly advises users to protect their devices with anti-virus software and download applications only from reliable resources.

Protect your Android device with Dr.Web now

Buy online Buy on Google Play Free download