The page may not load correctly.
September 15, 2022
Last month, the number of user requests to decrypt files affected by encoders decreased by 2.57%. Once again, the leading encoder trojan was Trojan.Encoder.26996, which accounted for 32.24% of all incidents recorded.
We also observed high trojan activity and shady apps designed to display intrusive ads on Android devices.
The most common threats of the month:
In August, the number of user requests to decrypt files affected by encoders decreased by 2.57% compared to July.
Internet scammers remained highly active in August. For example, they continued luring potential victims to pseudo-investing sites that were allegedly tied to large Russian financial and oil and gas sector companies. When visiting such websites, users are often asked to participate in a simple test, register an account by providing personal information, and wait for the “manager” to call back. If they believe such offers and proceed, these users are willingly providing an unknown third-party with their confidential data. On top of that, they might start receiving unwanted phone calls—both from scammers pretending to be bank employees and from some other dubious people, like company representatives advertising their services.
An example of one such site is shown below. First, visitors are invited to take a test, which is scripted and the answers do not affect the final result in any way. Next, users are allegedly granted access to the investing platform of a large Russian bank. Last, they are asked to provide their contact data: first and last names, mobile phone number, and email. When they do that, they receive a message stating that the registration was successful and that soon they will be contacted by an “expert”.
In August, an increase was observed in trojan activity and apps designed to display unwanted and intrusive ads on Android devices. The activity of specialized software platforms that allow applications to launch other apps without installing them also increased. At the same time, the activity of the Android.Spy.4498 trojan, designed to steal information from other apps’ notifications, continued to decrease.
The following August events involving mobile malware are the most noteworthy:
Find out more about malicious and unwanted programs for mobile devices in our special overview.