March 2017 mobile malware review from Doctor Web

Virus reviews | Threats to mobile devices
[% DEFAULT FILE_REVIEW = ''; NAME_SOME_ARRAY_IN_MACROSNAME = [ { box => "Overview" }, { box => "Threat of the month" }, { box => "Statistics" } ] %] [% BLOCK global.tpl_blueprint.content %]

April 3, 2017

In March, Doctor Web security researchers found a program on Google Play that displayed annoying advertisements after its installation. It created unremovable widgets, embedded banners in the lock screen and displayed ads after unlocking devices. More than 50 million users installed this program.

Principal Trend in March

  • The detection on Google Play of even more applications containing an aggressive, embedded advertising module.

Mobile threat of the month

In the beginning of March, Doctor Web security researchers detected a new unwanted advertising module on Google Play. Dubbed Adware.Cootek.1.origin, it was embedded in a safe keyboard application called TouchPal.

screenshot Adware.Cootek.1.origin #drweb screenshot Adware.Cootek.1.origin #drweb screenshot Adware.Cootek.1.origin #drweb

Adware.Cootek.1.origin has the following characteristics:

  • It creates widgets that can’t be deleted until the device owner clicks on them;
  • When these widgets are tapped, the module displays a window with a mini-game that eventually comes to an end, and then ads are displayed to the user;
  • It embeds banners in the Android lock screen;
  • It displays advertising banners after unlocking a device.

More information regarding Adware.Cootek.1.origin can be found in the corresponding news article published by Doctor Web.

According to statistics collected by Dr.Web for Android

According to statistics collected by Dr.Web for Android #drweb

  • Android.HiddenAds.68.origin
  • Android.HiddenAds.76.origin
  • Android.HiddenAds.83.origin
Trojans designed to display unwanted ads on mobile devices. They are distributed under the guise of popular apps by other malicious programs that in some instances covertly install them in the system directory.
Android.Triada.197.origin
A Trojan that performs different malicious functions.
Android.Mobifun.7
A Trojan designed to download other Android applications.

According to statistics collected by Dr.Web for Android #drweb

Unwanted program modules that are incorporated into Android applications and are designed to display annoying ads on mobile devices.

Among the programs distributed via Google Play, there are both malicious and unwanted applications. Doctor Web recommends that device owners install Dr.Web for Android to protect their smartphones and tablets from such software.

Protect your Android device with Dr.Web now

Buy online Buy on Google Play Free download

[% END %]
Latest All news