My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


Doctor Web’s March 2020 overview of malware detected on mobile devices

April 13, 2020

In March, the number of threats discovered on Android devices increased by 21.24% compared to February. The amount of malware increased by 21.6%, unwanted apps – by 13.37%, riskware – by 32.65% and adware – by 27.64%.

Throughout the month, Doctor Web analysts discovered new threats on Google Play. The Android.Joker trojan family member showing obnoxious ads and subscribing users to premium services, as well as the dangerous multifunctional trojan Android.Circle.1 executing attackers’ commands were among them.


  • The growing number of the threats detected on Android devices
  • The discovery of new threats on Google Play

Threat of the month

In March, Doctor Web reported on the discovery of the new dangerous trojan dubbed Android.Circle.1 spread through Google Play. It was downloaded more than 700,000 times. At the command of attackers, this malware would show advertisements and load various websites where it imitated users’ actions performing clicks on banners and links. The example of showed ads could be seen below:

#drweb #drweb #drweb

Throughout the month, our specialists discovered several modifications of this trojan.

Features of Android.Circle.1:

According to statistics collected by Dr.Web for Android

 According to statistics collected by Dr.Web for Android #drweb

Malicious applications that download and execute arbitrary code.
A trojan that displays obnoxious ads.
A trojan that executes criminal commands and helps them control infected mobile devices.

 According to statistics collected by Dr.Web for Android #drweb

Detects adware that imitates anti-virus software.
Software that monitors Android user activity and may serve as a tool for cyber espionage.
Detects a special software module that is used by financial organisations in their apps in order to provide users with loans. It represents a tool that collects users’ private information to build their credit profile. This module collects data about SMS messages, web browser bookmarks, device geolocation, calendar entries and other personal information.

По According to statistics collected by Dr.Web for Android #drweb

Riskware platforms that allow applications to launch APK files without installation.
A utility designed to obtain root privileges on Android devices. It may be used by cybercriminals and malware.

According to statistics collected by Dr.Web for Android #drweb

Program modules incorporated into Android applications and designed to display obnoxious ads on Android devices:

Threats on Google Play

In March, a new modification of the Android.Joker trojan family, dubbed Android.Joker.102.origin, was found on Google Play among other threats. It was spread as an image editing software and wallpapers collections application. This malware was able to download and launch additional trojan components, execute arbitrary code and subscribe users to premium services.

To protect your Android device from malware and unwanted programs, we recommend installing Dr.Web for Android.

Dr.Web Mobile Security

Your Android needs protection.

Use Dr.Web

  • The first Russian anti-virus for Android
  • Over 140 million downloads—just from Google Play
  • Available free of charge for users of Dr.Web home products

Free download