Defend what you create

Other Resources


My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


June 2016 mobile malware review from Doctor Web

June 30, 2016

In June, Doctor Web security researchers detected several malicious applications on Google Play store. One of them was designed to steal login credentials for VK user profiles; and the other—to load suspicious websites as advertising banners in order to get users’ mobile phone number and subscribe them to chargeable services.


  • Detection of a Trojan that steals logins and passwords from VK user profiles
  • Detection of a Trojan that opens suspicious websites as advertisements on Google Play

Mobile threat of the month

Although Google Play is still considered to be the most secure Android app store, from time to time, attackers try to spoil its reputation by spreading their malicious programs via this catalog. This month, Doctor Web specialists detected a group of Android applications that were found to contain Android.Valeriy.1.origin. This Trojan is able to redirect to dubious websites and display them as advertisements in order to get their mobile phone number and subscribe them to chargeable services. Then a certain subscription fee is written off from the user’s mobile account every day. At that, Android.Valeriy.1.origin intercepted all SMS messages informing the user about the subscription. The Trojan can also download malicious programs and execute JavaScript scripts.

Android.Valeriy.1.origin #drweb Android.Valeriy.1.origin #drweb

More information about Android.Valeriy.1.origin can be found in the corresponding review published by Doctor Web.

According to statistics collected by Dr.Web for Android

According to statistics collected by Dr.Web for Android #drweb

According to statistics collected by Dr.Web for Android #drweb

An unwanted program module that is incorporated into the Android applications and is responsible for advertising on mobile devices.

Trojans on Google Play

Apart from Android.Valeriy.1.origin, another Trojan was found in Google Play—Android.PWS.Vk.3. This Trojan was represented as a media player for VK music. It prompted the user to enter their login and password for the VK user account and then covertly sent this private information to cybercriminals.

screen Android.PWS.Vk.3 #drweb screen Android.PWS.Vk.3 #drweb

For more information about Android.PWS.Vk.3, refer to the news article published by Doctor Web.

Doctor Web strongly advises users to install only official applications and protect their devices with anti-virus software.

Protect your Android device with Dr.Web now

Buy online Buy on Google Play Free download

The Russian developer of Dr.Web anti-viruses
Doctor Web has been developing anti-virus software since 1992
Dr.Web is trusted by users around the world in 200+ countries
The company has delivered an anti-virus as a service since 2007
24/7 tech support

Dr.Web © Doctor Web
2003 — 2021

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125124