The page may not load correctly.
December 29, 2017
In the last month of 2017, several new Trojans were detected on Google Play. They were hidden inside benign applications. These malicious programs were bankers that stole confidential information from clients of credit organizations. Another “December” Android Trojan posed a threat to Android device owners and was distributed outside the official software catalog. It also stole login credentials required to access banking account records. Additionally, in the past month, cybercriminals spread a malicious program that spied on Italian users.
In December, a signature of Android.Spy.410.origin was added to the Dr.Web virus database. This Trojan spied on Italian Android device owners and stole confidential information. It sent the cybercriminals correspondence from popular messaging and social network applications such as Skype, WhatsApp, Telegram, etc. It also intercepted SMS messages and phone calls, and also could steal images stored in the memory of an infected mobile device.
Malicious programs that download other Trojans and also unwanted software.
In December, more banking Trojans were detected on Google Play. According to the Dr.Web classification, they were named Android.BankBot.243.origin and Android.BankBot.255.origin. Cybercriminals injected them into benign programs, so they do not arouse the suspicions of potential victims. These Trojans searched infected smartphones and tablets for banking applications indicated by cybercriminals and displayed fake login forms to access accounts. After that, bankers sent the obtained information to the cybercriminals.
Additionally, in the past month, Android users’ devices were attacked with Android.Packed.15893. It also showed fraudulent windows with a request for login credentials for mobile banking and sent cybercriminals all input data.
Bankers pose a serious threat because cybercriminals use them to steal money from mobile device owners. Cybercriminals spread these malicious programs both via Google Play and third-party application stores, and also via hacked and fraudulent websites. To protect Android smartphones and tablets from these and other threats, it is recommended that users install Dr.Web products for Android.
© Doctor Web
2003 — 2022
Doctor Web is a cybersecurity company focused on threat detection, prevention and response technologies
Doctor Web in social networksLink accounts