January 29, 2020
In December, trojan downloaders and malware that downloads and executes arbitrary code were the most commonly detected threats on Android devices. Among them were the Android.RemoteCode and Android.DownLoader families of trojans. The activity of the former increased by 28%, while the latter was 17% less active compared with November. Doctor Web specialists also detected trojans from the Android.Joker family on Google Play for the first time. These trojans subscribed users to expensive services and were also able to execute malicious code on command.
PRINCIPAL TREND IN DECEMBER
- Detection of new malware on Google Play
Mobile threat of the month
In the last month of 2019, Doctor Web specialists uncovered the new Android.Joker family of trojans on Google Play. This malware subscribed users to expensive services and was able to download and execute arbitrary code, as well as download additional malicious modules. As before, the writers of the malicious applications disguised them as harmless software, such as camera apps, image editors, instant messengers, useful utilities, etc.
According to statistics collected by Dr.Web for Android
- Android.DownLoader.677.origin
- Android.DownLoader.909.origin
- Trojans that download other malware and unwanted software.
- Android.RemoteCode.246.origin
- A malicious application that downloads and executes arbitrary code.
- Android.Backdoor.682.origin
- A trojan that executes cybercriminals’ commands and helps them control infected mobile devices.
- Android.Triada.481.origin
- A multi-functional trojan that performs various malicious actions.
- Android.Proxy.12.origin
- Malware that redirects cybercriminal traffic via infected Android devices.
- Program.FakeAntiVirus.2.origin
- Detects adware that imitates anti-virus software.
- Program.FreeAndroidSpy.1.origin
- Program.MonitorMinor.1.origin
- Program.MobileTool.2.origin
- Spyware that monitors activities of Android users and may serve as a tool for cyber espionage.
- Program.RiskMarket.1.origin
- An app store that contains trojan software and recommends that users install it.
- Tool.SilentInstaller.6.origin
- Tool.SilentInstaller.7.origin
- Tool.SilentInstaller.11.origin
- Tool.VirtualApk.1.origin
- A riskware platform that allows applications to launch APK files without installing them.
- Tool.Rooter.3
- A utility designed to obtain root privileges on Android devices. It may be used by cybercriminals and malware.
Program modules that incorporate themselves into Android applications and display obnoxious ads on mobile devices:
- Adware.Toofan.1.origin
- Adware.Myteam.2.origin
- Adware.Adpush.6547
- Adware.Dowgin.5.origin
- Adware.Zeus.1
To protect your Android device from malware and unwanted programs, we recommend you install Dr.Web for Android.
Your Android needs protection.
Use Dr.Web
- The first Russian Anti-virus for Android
- More than 140 million downloads on Google Play alone
- Free for users of Dr.Web home products
